Security2026-06-18 · source-backed
144 @mastra npm packages backdoored in an 88-minute supply-chain run.
Story
On June 17 an attacker hijacked a stale contributor account and republished 142 packages under the @mastra scope, injecting a typosquatted easy-day-js dependency. The postinstall payload disabled TLS verification, pulled a second-stage C2 binary, and harvested browser data plus credentials from 166 crypto-wallet extensions. @mastra/core alone sees about 918K weekly downloads, so the blast radius is large. If you build on Mastra, roll back to pre-incident versions and rotate npm, GitHub, cloud, and LLM API tokens now. (The Hacker News)
Related stories
Each link below shares sources, entities, or timing with this story.
Shared entities / Same source domain / Shared topic / Earlier coverage
SmartLoader Supply Chain Attack: Cloned MCP Server Distributes Infostealer
Both cover GitHub, The Hacker News; reported by the same outlet (thehackernews.com); overlapping topics (browser, contributor, credential).
Shared entity: GitHub / Same source domain / Shared topic / Earlier coverage
Langflow CVE-2026-33017: CVSS 9.3 Unauthenticated RCE Exploited Within 20 Hours.
Both cover GitHub; reported by the same outlet (thehackernews.com); overlapping topics (account, attacker, cloud).
Shared entities / Same source domain / Earlier coverage
RoguePilot: GitHub Issues Weaponized to Hijack Copilot and Steal Repo Tokens
Both cover GitHub, The Hacker News; reported by the same outlet (thehackernews.com); earlier GitHub coverage from 2026-02-25.
Vibe Coding & AI Development
Both cover GitHub, The Hacker News; reported by the same outlet (thehackernews.com); earlier GitHub coverage from 2026-02-17.
Shared entity: The Hacker News / Same source domain / What happened next / Tension
A fake agent skill reached ~26,000 agents and every scanner said it was safe
Both cover The Hacker News; reported by the same outlet (thehackernews.com); picks up the The Hacker News thread on 2026-06-28.
Shared entity: GitHub / Shared topic / Earlier coverage / Tension
Self-replicating "Miasma" malware hit 70+ Microsoft open-source repos, stealing credentials the instant a repo opens in an AI tool.
Both cover GitHub; overlapping topics (attacker, credential); earlier GitHub coverage from 2026-06-09.
SANDWORM_MODE: npm Worm Injects Malicious MCP Servers Into AI Coding Tools.
Both cover GitHub; overlapping topics (cloud, packag); earlier GitHub coverage from 2026-02-26.
Shared entity: The Hacker News / Same source domain / Earlier coverage / Tension
OpenClaw CVE-2026-25253: One-Click RCE Kill Chain
Both cover The Hacker News; reported by the same outlet (thehackernews.com); earlier The Hacker News coverage from 2026-02-25.
Source trail
Entities
Provenance
- Canonical issue
- Ramsay Research Agent — June 18, 2026
- AI generated
- no
- Story unit
- 2026-06-18-144-mastra-npm-packages-backdoored-in-an-88-minute-supply-chain-run
- Labels
- source-backed, canonical briefing excerpt