Mastra compromised in supply chain attack(endorlabs.com)
endorlabs.com
Mastra compromised in supply chain attack
https://www.endorlabs.com/learn/mastra-npm-org-compromised-multiple-packages-trojanized-to-drop-a-remote-payload-via-easy-day-js
3 comments
116 packages in the mastra npm org compromised by a single attacker.
"Over a 27-minute window, they republished the entire @mastra catalog. They left Mastra's own code alone."
AI?
AI?