On 17 June 2026, attackers compromised a maintainer account associated with the Mastra npm organization and used it to republish 116 packages over a 27-minute period. Rather than modifying Mastra’s source code directly, the threat actor injected a malicious dependency, easy-day-js, into affected packages including @mastra/core, which receives hundreds of thousands of weekly downloads. Mastra is a widely adopted open-source framework for building AI applications, with more than 28 million monthly package downloads, significantly increasing the potential impact of the compromise across developer workstations, CI/CD pipelines, and build environments.
The attack leveraged a typosquatted package designed to impersonate the legitimate dayjs library. The malicious package was initially published as a seemingly benign dependency and was updated shortly before the campaign to include an obfuscated postinstall hook that executed automatically during npm install. The loader disabled TLS certificate validation, downloaded a second-stage payload from attacker-controlled infrastructure, executed it as a detached background process, and removed traces of itself. Analysis of the second-stage malware revealed a cross-platform infostealer capable of harvesting browser data and information from more than 160 cryptocurrency wallet browser extensions, while also establishing persistence on Windows, macOS, and Linux systems and communicating with attacker-controlled command-and-control infrastructure. Because the malicious activity occurred during package installation and the compromised Mastra packages themselves otherwise contained legitimate code, organizations that installed affected versions should treat impacted systems as potentially compromised.