BREAKING
Mastra npm Supply Chain Attack
0
+
packages hit
0
min
to publish all
0
M
weekly downloads
How the Attack Unfolded
1
Hijack ehindero account
↓
2
Add easy-day-js typosquat
↓
3
Postinstall runs dropper
↓
4
Infostealer deployed
Cross-Platform Infostealer
Payload
41KB
●
Windows, Linux, macOS
●
Checks 166 wallet extensions
●
Targets MetaMask, Phantom
Persistence
●
Windows Run key
●
macOS LaunchAgent
●
Linux systemd, NVM disguise
Sapphire Sleet Behind It
Pin Versions, Rotate Secrets
AI NEWS BLITZ
Microsoft links a major npm supply chain attack to North Korean hackers.