Open Source

144 Mastra npm Packages Compromised via Hijacked Contributor Account

June 17, 2026

What happened

At least 144 npm packages under the Mastra namespace were compromised through a software supply chain attack called easy-day-js. The attacker hijacked a contributor account named “ehindero” and used it to mass-publish malicious versions of these packages. Mastra is a well-regarded open-source framework for AI development in JavaScript and TypeScript, widely used by builders for creating AI applications. The campaign was uncovered by collaborative research from JFrog, SafeDep, Socket, and StepSecurity.

The risk

This breach opens a direct backdoor into projects relying on these packages. By compromising a trusted maintainer account, attackers were able to inject malicious code that could execute unnoticed on developers’ machines or production environments. This elevates the risk for builders who pull from Mastra npm packages, exposing them to potential data theft, unauthorized access, or supply chain persistence. The attack exploits trust within the open-source ecosystem, where a single compromised contributor can taint many dependent projects.

Why it matters

Supply chain attacks like this increase the complexity and cost of securing open-source dependencies—central to most modern AI and web app development. Builders must now verify contributor identities and package integrity more rigorously, slowing development and raising operational overhead. For businesses, these incidents strain trust in open-source tooling, forcing more cautious adoption or investment in additional security checks. The attack also illustrates how threat actors are prioritizing narrow, high-impact targets like popular AI frameworks, indicating rising adversary focus on tooling critical to AI deployment.

Who should pay attention

Developers and operators depending on Mastra packages need to immediately review their supply chain hygiene and update or replace compromised dependencies. Security teams should monitor their environments for signs of exploitation stemming from these packages. Framework maintainers and ecosystem managers must strengthen contributor account security and implement tighter vetting and anomaly detection to prevent similar escalations. Investors and AI builders relying on open-source stacks should factor supply chain risk explicitly into project timelines and vendor due diligence.

What to watch next

Observe whether Mastra and npm take additional steps to lock down contributor access and implement stronger safeguards. Watch for related disclosures of compromised packages in adjacent AI or JavaScript framework ecosystems. Tracking attacker tactics will be key as supply chain threats grow, especially in AI software layers. Expect ongoing pressure on open-source infrastructure providers to balance ease of contribution with stricter security controls. Builders should anticipate heightened scrutiny in supply chain risk management as a baseline practice.

AI Quick Briefs Editorial Desk
