Malicious package

chai-as-uphelded (npm)

Malicious code in chai-as-uphelded (npm). Remove it immediately and rotate any exposed credentials.

MAL-2026-6220
Immediate action
Remove the package, then rotate any secrets the build/runtime could reach.
npm uninstall chai-as-uphelded

What this malware does

The package name impersonates the popular chai-as-promised library, but its package.json description and keywords masquerade as a pino-style logger and an unrelated vulnerability-management document: a deliberate metadata cover. The default export is an Express-style middleware that, when invoked, spawns a detached `node ./lib/caller.js`. caller.js base64-decodes a URL to https://api.jsonstorage.net/v1/json/2ef8c758-a96f-459e-b036-b3b90379a165/a179ea35-b962-4722-b3f1-e28316d1a44a, GETs JSON, and passes the response's cookie field directly to `new Function.constructor('require', s)(require)`, evaluating attacker-controlled JavaScript with full access to Node's require. The endpoint is mutable third-party storage, the URL is obscured via base64, and the executed payload is opaque, so its behaviour can change at any time without a new package release. Any consumer that uses the package's documented middleware (or runs the package's own smoke script) reaches the eval sink.

Malicious versions

1 flagged
6.11.4

Indicators of compromise (SHA-256)

aa7f5470790594e55393048fee0e7a9e6e6650776a06717258e410292d4dc8a9

Frequently asked questions

No. chai-as-uphelded on npm has been identified as a malicious package (version 6.11.4 flagged). It should be removed immediately — do not install or keep it in your dependency tree.

Campaign

IN-MAL-2026-007071


Credits

  • Amazon Inspector · finder

chai-as-uphelded (npm) malicious package — MAL-2026-6220 | O3 Security