Microsoft Attributes Mastra AI Supply Chain Attack to North Korea
ID: 88a59c43-7334-5a2d-b1a4-d16ae225a4df
STIX ID: report--88a59c43-7334-5a2d-b1a4-d16ae225a4df
Feed Name: Infosecurity Magazine (News)
Microsoft attributes a large-scale npm supply-chain attack against the Mastra TypeScript project to North Korean state actor Sapphire Sleet; attackers hijacked a maintainer account to publish poisoned packages (via the malicious dependency easy-day-js) that disabled TLS verification, contacted C2 servers, and delivered cross-platform malware aimed at stealing cryptocurrency wallet data and collecting system reconnaissance. Microsoft recommends scanning dependency trees and node_modules for easy-day-js, pinning known-good package versions, and updating to unaffected Mastra releases.
Your team is not currently subscribed to this feed. You must subscribe to it in order to see this post.
