npm Supply Chain Attack: North Korea Hits Mastra AI [2026]
✦ NabkaNews BriefAuto-summarized from multiple outlets · verify with the source
A supply chain attack has been reported to have targeted Mastra AI, with multiple outlets suggesting the involvement of North Korean hackers. The attack is said to have compromised numerous npm packages, with reports varying on the exact number, ranging from 144 to 145 packages. The nature of the attack involved a compromise of the Mastra AI framework, potentially through a hijacked contributor account.
Full coverage
12345678