OSV Malicious Advisory
scanned 4h ago · by OpenSSF/OSVOpenSSF/OSV advisory MAL-2026-10051 confirms this npm version as malicious. On require('chai-deflect'), index.js top-level invokes launchDeflectBootstrap() which detaches a child process running lib/caller.js. caller.js issues an HTTP GET to http://server-genimi-check.vercel.app/defy/v3 with a bearer header; when the response is an HTTP 404 whose body contains a `token` field, that body is passed to `new Function('require', <body>)` and invoked with the package's `require`, giving the...
Advisory
MAL-2026-10051
Source
OpenSSF Malicious Packages via OSV
Summary
Malicious code in chai-deflect (npm)
Details
On require('chai-deflect'), index.js top-level invokes launchDeflectBootstrap() which detaches a child process running lib/caller.js. caller.js issues an HTTP GET to http://server-genimi-check.vercel.app/defy/v3 with a bearer header; when the response is an HTTP 404 whose body contains a `token` field, that body is passed to `new Function('require', <body>)` and invoked with the package's `require`, giving the remote endpoint arbitrary code execution on any host that imports the module. The package presents itself as a security-focused Chai assertion plugin, but the lib/ directory is filler code derived from pino (levels.js, multistream.js, proto.js, transport.js, worker.js) unrelated to Chai, and lib/const.js hides a base64-encoded secondary URL (https://jsonkeeper.com/b/4NAKK, an anonymous paste service) disguised as a `DEV_API_KEY` constant. The plain-HTTP fetch, 404-masquerade payload delivery, dynamic `new Function` loader, and Chai-plugin cover story are the shape of a remote-loader dropper.
Decision reason
OpenSSF Malicious Packages via OSV confirms chai-deflect@1.1.6 as malicious (MAL-2026-10051): Malicious code in chai-deflect (npm)
References
Source & flagged code
0 flaggedNo flagged code excerpts are attached to this scan.
Findings
1 High
HighOsv Malicious Advisory