Lucene search
K

108 matches found

Microsoft Secure
Microsoft Secure
added 2026/06/18 3:43 a.m.32 views

From package to postinstall payload: Inside the Mastra npm supply chain compromise by Sapphire Sleet

In this article 1. Attack chain overview 1. Discovery and initial indicators 2. Dependency injection: the poisoned package.json 3. Typosquat analysis: easy-day-js 4. Staged delivery pattern 5. Obfuscation and payload analysis 6. TLS bypass to self-deletion 7. Timeline analysis 2. Who is Sapphire...

6.9AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 6:32 p.m.10 views

Malicious code in @mastra/loggers (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5225485064c54423eac85ed05753c97466d46c15d9b59dbe48193b115f538b3b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 6:27 p.m.11 views

Malicious code in @mastra/redis (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e9691125da52a04efba450b4c5dcbebe08a604a54f2e9420d95ce17f782f2728 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 11:50 a.m.10 views

Malicious code in @mastra/voice-playai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 095ae6a310d12472e2f23394b600c1465acb4921d1ae78a38893ff567518437f The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 11:11 a.m.7 views

Malicious code in @mastra/github-signals (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector e263abbd9ed9975f3f8aaecfd1a780616bc3aef00238ed9ba9075b5bf4e38f37 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 11:10 a.m.8 views

Malicious code in @mastra/mem0 (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 0103dbf66edb7ceb716e244ea15e4a68e439052d93646cb1107c780e79620541 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 11:8 a.m.9 views

Malicious code in @mastra/node-audio (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5e67f59921eaf19b7b608ed824610779a1929306854008a2a1633edf67bca3b7 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 11:7 a.m.9 views

Malicious code in @mastra/react (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector bb2d86bcc71a172b3b3abf321bea01e031f13fcbd7cf94c490a5735f02f6dc8f The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
The Hacker News
The Hacker News
added 2026/06/17 7:38 a.m.28 views

145 Mastra npm Packages Compromised via Hijacked Contributor Account

As many as 145 npm packages associated with the Mastra namespace "@mastra/", a popular open-source JavaScript and TypeScript framework for building artificial intelligence AI applications, have been compromised as part of a software supply chain attack codenamed easy-day-js , per findings from...

6AI score
Exploits0
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:12 a.m.7 views

Malicious code in @mastra/arize (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4a9417097d18abea911925be99fa31e70127eac4dcbcb16fb9eb5f20155a6650 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:9 a.m.9 views

Malicious code in @mastra/voice-elevenlabs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector f99d987467406ef04c81d4437451d8ba5f38649e85437a361470bb9fd94fbe53 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:8 a.m.8 views

Malicious code in @mastra/gcs (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 722de440c55cc50c4576818745c16ee5105f7cf4c61295943a07826b22be9387 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:7 a.m.7 views

Malicious code in @mastra/voice-openai (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 636dbce2606cf797f51ebd7c7e76ee2154a1e00e61b734cef90f19ca02ad397c The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:6 a.m.9 views

Malicious code in @mastra/voice-openai-realtime (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 623d77007529d1601a2da2b0ff1fc002dfa42282411ba1350b5bc720316d6c0f The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:6 a.m.7 views

Malicious code in @mastra/e2b (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 4951048ee56bb5e6a99f08e3c467615532d3c136918ceb9143cf1934ba4be370 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:6 a.m.8 views

Malicious code in @mastra/daytona (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 5f6f64aaa3f1a7153a8a1bcb09d5f37bf46cbd5855c6fbf2a2b07bdec3ff9d6b The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:6 a.m.8 views

Malicious code in @mastra/blaxel (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 2cecc2be49f20a0d56a77e30e6da0ad8716ecc2fe9410e6b83a93fbce2db5c66 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:6 a.m.6 views

Malicious code in @mastra/mcp-registry-registry (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 45ba997a42d41e72f38a36e0a6122b28388f73eb479dc41f7c1b77b6a75f91c8 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:6 a.m.8 views

Malicious code in @mastra/stagehand (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector a0705d4d586f3c6d9899944e40be408bf7a454e7f62ed811cb4ee5778d707f43 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
OSSF Malicious Packages
OSSF Malicious Packages
added 2026/06/17 5:6 a.m.7 views

Malicious code in @mastra/tavily (npm)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector d3b560f62205cd42db16500f1d7d8d845fcfe70e261994de22e6d7d1a30b5a95 The package was found to contain malicious code or consuming dependency that contains malicious code Source: ghsa-malware...

5.9AI score
Exploits0References2
Rows per page
Query Builder