logo

The OpenSourceMalware Show: #9

ID: 42228783-dd61-5d1e-8039-347edf732a68

STIX ID: report--42228783-dd61-5d1e-8039-347edf732a68

Feed Name: OpenSourceMalware Blog

Threat Score
75/100

Date Published: 2026-06-18

Date Updated: 2026-06-20

Author: cb482791-4ef1-4762-96ad-b0ca4bdd538e

...
...

**Executive summary:** The OpenSourceMalware show documents an active supply‑chain compromise of the Mastra npm organization where attackers pre‑staged a typosquatted package (easy-day-js) and added it as a dependency across 116 packages to deliver a two‑stage info‑stealer focused on browser extensions (including major password managers), MFA tools and integrations like Zapier; the episode also warns about "agentjacking" (prompt injection via MCP/Sentry logs) and dispels common malware myths while stressing the value of attribution for incident response.

Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.