144 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity.

“A single npm account (ehindero) mass-published more

Source: The Hacker News

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Abandoned and Little-Known Airfields

Abandoned and Little-Known Airfields Source: Hacker News

Read More

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone

Apple Patches Beats Studio Buds Flaw Letting Nearby Attackers Spy via Microphone Apple has updated its Beats Studio Buds wireless earbuds to patch a high-severity vulnerability that could be exploited

Read More

Stop Killing Games fails to secure EU law despite 1.3M signatures

Stop Killing Games fails to secure EU law despite 1.3M signatures Source: Hacker News

Read More