PkgRadar

Malware advisory

MAL-2026-2891

Malicious code in chai-as-init (npm)

4 affected releases in the PkgRadar corpus · published 2026-04-16 · upstream advisory

Affected packages

PackageEcosystemVersionVerdictScanned (UTC)
chai-as-initnpm0.0.1-securityHigh risk2026-07-14
chai-as-initnpm1.4.5High risk2026-06-23
chai-as-initnpm1.4.6High risk2026-06-23
chai-as-initnpm1.4.7High risk2026-06-23

PkgRadar blocks these releases at the CI gate before they reach your build. Start free or see all advisories.

MAL-2026-2891 — malicious package advisory | PkgRadar