144 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 144 npm packages associated with the Mastra namespace (“@mastra/*”), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity.

“A single npm account (ehindero) mass-published more

Source: The Hacker News

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Attack Update: Top 5 Attack-IPs auf doode.info – 19.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 85.215.205.132 — 1027 requests (recent log) 213.209.159.175 — 263 requests (recent log) 89.167.35.212 — 226 requests (recent

Read More

Humiliating IIS servers for fun and jail time

Humiliating IIS servers for fun and jail time Source: Hacker News

Read More

Attack Update: Top 5 Attack-IPs auf doode.info – 15.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 213.209.159.175 — 59 requests (recent log) 192.253.248.169 — 59 requests (recent log) 89.167.35.212 — 41 requests (recent

Read More