144 Mastra npm Packages Compromised Through Maintainer Phishing Attack
Executive Summary A report published by The Hacker News on 17 June 2026 detailed a software supply chain attack impacting 144 npm packages associated with the Mastra ecosystem after threat actors compromised a maintainer account through a phishing attack. The attackers leveraged the compromised account to publish malicious package versions to the npm registry. According to the…
Read More
