THREAT OPS › Threat News › A Forgotten Contributor Account Compromised the Entire Mastra npm Package Scope
A Forgotten Contributor Account Compromised the Entire Mastra npm Package Scope
A dormant contributor account was used to republish the entire @mastra npm scope, each injected with a single dependency, easy-day-js, that drops a cross-platform cryptocurrency stealer. Here is how the attack worked, how to check exposure, and how to remediate.