THREAT OPS › Threat News › easy-day-js Targets Mastra, Dependency Attacks Grow
easy-day-js Targets Mastra, Dependency Attacks Grow
<div class="hs-featured-image-wrapper"> <a class="hs-featured-image-link" href="https://www.sonatype.com/blog/easy-day-js-targets-mastra-dependency-attacks-grow" title=""> <img alt="Image with text at center "sonatype-2026-003926, Mastra AI framework compromise"" class="hs-featured-image" src="https://www.sonatype.com/hubfs/blog_mastra_dependencies.png" style="width: auto !important; f
MITRE ATT&CK techniques
- JavaScriptT1059.007
- CredentialsT1589.001
- Malicious PackageAML.T0011.001
Indicators of compromise
- 695a64c8b2f317ab897e06471e59812emd5
- 033d257f6927cfeadcb5ae0e9086415bmd5
- https://www.stepsecurity.io/blog/mastra-npm-packages-compromised-using-easy-day-jsurl
- https://guide.sonatype.com/vulnerability/sonatype-2026-003926?__hstc=45788219.695a64c8b2f317ab897e06471e59812e.1781727572893.1781727572893.1781727572893.1&__hssc=45788219.1.1781727572893&__hsfp=033d257f6927cfeadcb5ae0e9086415burl
- https://mastra.ai/url
- https://research.jfrog.com/post/easy-day-js/url
- track.hubspot.comdomain
- 2fwww.sonatype.comdomain
- 252fwww.sonatype.comdomain