← The Wire

Security2026-06-18 · source-backed

144 @mastra npm packages backdoored in an 88-minute supply-chain run.

Confidence
source-backed
Sources
1
Redaction
passed

Story

On June 17 an attacker hijacked a stale contributor account and republished 142 packages under the @mastra scope, injecting a typosquatted easy-day-js dependency. The postinstall payload disabled TLS verification, pulled a second-stage C2 binary, and harvested browser data plus credentials from 166 crypto-wallet extensions. @mastra/core alone sees about 918K weekly downloads, so the blast radius is large. If you build on Mastra, roll back to pre-incident versions and rotate npm, GitHub, cloud, and LLM API tokens now. (The Hacker News)

Related stories

Each link below shares sources, entities, or timing with this story.

  1. Shared entities / Same source domain / Shared topic / Earlier coverage

    SmartLoader Supply Chain Attack: Cloned MCP Server Distributes Infostealer

    Both cover GitHub, The Hacker News; reported by the same outlet (thehackernews.com); overlapping topics (browser, contributor, credential).

  2. Shared entity: GitHub / Same source domain / Shared topic / Earlier coverage

    Langflow CVE-2026-33017: CVSS 9.3 Unauthenticated RCE Exploited Within 20 Hours.

    Both cover GitHub; reported by the same outlet (thehackernews.com); overlapping topics (account, attacker, cloud).

  3. Shared entities / Same source domain / Earlier coverage

    RoguePilot: GitHub Issues Weaponized to Hijack Copilot and Steal Repo Tokens

    Both cover GitHub, The Hacker News; reported by the same outlet (thehackernews.com); earlier GitHub coverage from 2026-02-25.

  4. Vibe Coding & AI Development

    Both cover GitHub, The Hacker News; reported by the same outlet (thehackernews.com); earlier GitHub coverage from 2026-02-17.

  5. Shared entity: The Hacker News / Same source domain / What happened next / Tension

    A fake agent skill reached ~26,000 agents and every scanner said it was safe

    Both cover The Hacker News; reported by the same outlet (thehackernews.com); picks up the The Hacker News thread on 2026-06-28.

  6. Shared entity: GitHub / Shared topic / Earlier coverage / Tension

    Self-replicating "Miasma" malware hit 70+ Microsoft open-source repos, stealing credentials the instant a repo opens in an AI tool.

    Both cover GitHub; overlapping topics (attacker, credential); earlier GitHub coverage from 2026-06-09.

  7. SANDWORM_MODE: npm Worm Injects Malicious MCP Servers Into AI Coding Tools.

    Both cover GitHub; overlapping topics (cloud, packag); earlier GitHub coverage from 2026-02-26.

  8. Shared entity: The Hacker News / Same source domain / Earlier coverage / Tension

    OpenClaw CVE-2026-25253: One-Click RCE Kill Chain

    Both cover The Hacker News; reported by the same outlet (thehackernews.com); earlier The Hacker News coverage from 2026-02-25.

Source trail

Entities

Provenance

AI generated
no
Story unit
2026-06-18-144-mastra-npm-packages-backdoored-in-an-88-minute-supply-chain-run
Labels
source-backed, canonical briefing excerpt