BREAKING
Mastra npm Supply Chain Attack
0+
packages hit
0min
to publish all
0M
weekly downloads
How the Attack Unfolded
1Hijack ehindero account
2Add easy-day-js typosquat
3Postinstall runs dropper
4Infostealer deployed
Cross-Platform Infostealer
Payload41KB
Windows, Linux, macOS
Checks 166 wallet extensions
Targets MetaMask, Phantom
Persistence
Windows Run key
macOS LaunchAgent
Linux systemd, NVM disguise
Sapphire Sleet Behind It
Pin Versions, Rotate Secrets
AI NEWS BLITZ
Microsoft links a major npm supply chain attack to North Korean hackers.