Industry News & Leadership · Jun 17, 2026

144 Mastra npm Packages Compromised via Hijacked Contributor Account

Source: The Hacker News (archived Jun 17, 2026)



Ravie Lakshmanan, Jun 17, 2026 · Malware / Cryptocurrency

As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity. "A single npm account (ehindero) mass-published more than 140 malicious packages across the Mastra scope within a short window on 2026-06-17," Socket said.

The infected packages themselves do not contain malicious code. Instead, it is introduced through a third-party library named "easy-day-js" that was added to each package's dependency list. The JavaScript library was published by an npm user called "sergey2016" on June 16, 2026, at 7:05 a.m. UTC as a clean, fully functional copy; the malicious changes were introduced on June 17, 2026, at 1:01 a.m. UTC.

The "easy-day-js" package launches an obfuscated payload during a postinstall hook. That payload acts as a dropper or loader for a second-stage payload retrieved from attacker-controlled infrastructure ("23.254.164[.]92") after disabling TLS certificate validation. The payload is then executed as a detached background process, after which the loader erases itself to minimize the forensic trail.

The final stage is a cross-platform information stealer that can harvest browser history, steal data from over 160 cryptocurrency wallet browser extensions, install persistence on Windows, macOS, and Linux, and exfiltrate the captured information to the C2 server ("23.254.164[.]123"). In its analysis, SafeDep described "easy-day-js" as a clone of the "dayjs" date library that downloads and runs a cryptocurrency-stealing remote access trojan.
The attackers behind the campaign are said to have hijacked the "ehindero" account, which belonged to a legitimate former Mastra contributor whose scope access was never revoked. npm has since pulled the malicious versions of the highest-profile packages and reverted their latest tag.

(Image source: StepSecurity)

"Mastra ships its real releases from CI through npm's trusted publisher flow, and each one carries SLSA provenance attestations," SafeDep said. "The attacker pushed the malicious versions from a personal token and dropped the provenance."

"The same fingerprint repeats across the whole scope. Mastra generated provenance on CI publishes but did not require it, so a standard npm token could still publish without attestations. A signature-verifying install (npm audit signatures, or a policy that requires attestations) would have rejected every package in this wave."

Any workstation, CI runner, or build environment that installed the affected versions should be treated as potentially compromised. Affected users are advised to roll back to a safe version, rotate any credentials, and audit the hosts for artifacts linked to the campaign.

"The affected packages include @mastra/core, which receives more than 918K weekly npm downloads, giving this campaign a large potential blast radius," Socket said. "Because the payload executes during installation, systems may be exposed before developers import or use the package."