
MAL-2026-5905

Malicious code in chai-plugin-helper (npm)

Details

## Source: amazon-inspector (ddf8b1cc2e3c780dc0ac44e7691f14f2031f0aca1e1c207f1c15c0815471358b)

chai-plugin-helper poses as a chai plugin and ships a verbatim copy of chai's public API (index.js, lib/chai.js, the expect/should/assert exports, the version string '4.3.8', and a description copied from chai), so it functions as a drop-in replacement. On require('chai-plugin-helper'), index.js line 8 spawns a detached background `node` process that runs lib/chai/utils/assertion.js:

`const child = spawn("node", [assertion, JSON.stringify(args)], { detached: true, stdio: "ignore" })`

assertion.js is obfuscator.io-encoded: a rotated 31-entry string array is decoded through a base64 + URI-decode chain, and the identifiers are hex-named (_0x479d3b, _0x4a30, etc.). After deobfuscation, the file performs an HTTP(S) GET to a URL built from the encoded constants and passes the response body into `new Function(_0x154837[...],_0x375b9e)`, invoked with the installer's `require`, which executes attacker-controlled remote code with full Node privileges.

The copyright header has been altered to 'Anton Lane' while the rest of chai's source is copied verbatim, so installers see a working assertion library and do not notice the dropper running in the background. The combination of namespace impersonation, a drop-in API, obfuscation wrapping specifically the fetch+exec path, and remote code execution at require time is an unambiguous supply-chain attack.

Affected packages

npm / chai-plugin-helper

No fixed version published yet for chai-plugin-helper (npm). Pin to a known-safe version or switch to an alternative.