144 Mastra npm Packages Compromised via Hijacked Contributor Account | HappeningNow.news
Published Date: June 17, 2026

Cybersecurity

144 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework…

Source The Hacker News AI Summary Updated 3h 08m ago
Story intelligence Beta
Freshness Fresh Updated 3h 08m ago
Confidence Checking
Coverage Checking
Views New Be the first to read
Read time 1 min ~50 words

AI Summary

As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity. "A single npm acco…

Read full article on The Hackernews

AI summaries can be wrong sometimes—always verify important details using the source article.

More coverage on this topic

Javascript25 stories
View all Javascript coverage
SUPPORT HAPPENINGNOW · Independent AI News Intelligence
SUPPORTER MESSAGE

Enjoyed this article? Consider supporting HappeningNow to help keep independent AI-powered news analysis moving forward. Your contribution helps cover infrastructure, AI summaries, and continued platform development.

Support HappeningNow
Category Cybersecurity
Outlet The Hackernews
Source The Hacker News
Return to Frontpage