The entire @mastra/* npm scope just got hijacked. 144 packages. 1.1 million weekly downloads. One infostealer.
An attacker compromised a former contributor account whose publishing access was never revoked. On June 17, they ran an 88-minute automated campaign — republishing every @mastra package with a single injected dependency: easy-day-js, a typosquat of dayjs.
The malicious payload harvests browser data from Chrome, Edge, and Brave. Extracts credentials from 166 cryptocurrency wallet extensions. Performs full host reconnaissance. Establishes cross-platform persistence. Exfiltrates everything to attacker infrastructure.
No user interaction beyond "npm install" is required.
Any developer workstation, CI runner, or build system that installed any @mastra/* package after June 16 is compromised. The highest-impact package — @mastra/core — has 918K weekly downloads alone.
This is not a theoretical vulnerability. It is an active supply chain compromise, with tradecraft that Microsoft says overlaps with Sapphire Sleet/BlueNoroff. JFrog, SafeDep, Socket, and StepSecurity have all independently confirmed it.
The attack exploits a structural weakness in npm: a dependent's package.json pins "^1.11.21", npm's semver resolution automatically pulls v1.11.22, and the postinstall hook runs with full privileges. No review. No approval. No gate.
Audit your dependency trees immediately. Run "npm ls easy-day-js" across every project. Rotate all credentials on any affected system — npm tokens, GitHub tokens, cloud provider keys, LLM API keys, CI/CD secrets, SSH keys, database credentials. Treat every affected machine as fully compromised.
This is the cost of treating AI framework dependencies as trusted. They are not.
SOURCE: https://orca.security/resources/blog/mastra-npm-supply-chain-attack/
VERIFIED: Orca Security, JFrog, Socket, StepSecurity
SIGNAL: AI development frameworks are now primary supply chain attack targets. 1.1M weekly downloads compromised in 88 minutes. Every CI/CD pipeline pulling npm dependencies is exposed.
Enterprise AI Impact
144 Mastra npm packages just got weaponized. 1.1M weekly downloads. Your AI builds are compromised.