In a notable security breach, 144 npm packages linked to the Mastra namespace, a widely used framework for developing artificial intelligence (AI) applications, have been compromised. This software supply chain attack, which revolves around a dependency named ‘easy-day-js’, was revealed by security firms including JFrog, SafeDep, Socket, and StepSecurity.
Hijacked Account Leads to Mass Publication
The breach occurred when an npm account named ‘ehindero’ was used to publish over 140 malicious packages within a brief period on June 17, 2026. The packages did not directly contain harmful code; they were compromised through the introduction of a third-party library called ‘easy-day-js’. That library was initially published as a clean package on June 16, 2026, and malicious alterations were made the following day by the npm user ‘sergey2016’.
This ‘easy-day-js’ library executes an obfuscated payload during the installation phase, acting as a dropper for a secondary harmful payload sourced from a remote server (‘23.254.164[.]92’). The payload operates as a background process, erasing itself post-execution to avoid detection.
Cross-Platform Information Theft
The ultimate goal of the attack is to deploy an information-stealing malware capable of harvesting browser histories and data from over 160 cryptocurrency wallet extensions, and of establishing persistence across multiple operating systems including Windows, macOS, and Linux. The stolen data is then sent to a command-and-control server (‘23.254.164[.]123’).
SafeDep’s analysis reveals that ‘easy-day-js’ is a modified version of the ‘dayjs’ library, integrating a crypto-stealing remote access trojan. The attackers capitalized on a lapse in security by hijacking the account of a legitimate former contributor, whose access was not revoked. Npm has since removed the compromised versions from major packages and reverted their updates.
Security Measures and Impact
Mastra usually ensures the authenticity of its releases through npm’s trusted publisher system, which includes SLSA provenance attestations. However, the attack was facilitated by the use of a personal token, bypassing these security measures. This incident highlights the need for more stringent security policies, such as npm audit signatures or enforced attestations, which could prevent unauthorized publications.
Organizations that have installed the affected packages, including the highly downloaded ‘@mastra/core’, are advised to revert to safe versions, update credentials, and conduct thorough security audits. The attack’s reach is significant, given the popularity of these packages, posing a substantial risk to systems that executed the compromised code during installation.
This incident serves as a critical reminder of the vulnerabilities present in software supply chains, emphasizing the importance of robust security protocols to safeguard against such attacks in the future.
