Cybersecurity researchers have uncovered a large-scale software supply chain attack targeting the Mastra ecosystem, an open-source JavaScript and TypeScript framework widely used for building artificial intelligence applications. According to investigations by Endor Labs, JFrog, SafeDep, Socket, and StepSecurity, threat actors compromised 144 npm packages in the “@mastra/*” namespace in a campaign tracked as easy day js. Researchers determined that the attackers gained access through a hijacked npm account belonging to a legitimate former Mastra contributor whose publishing permissions had reportedly never been revoked. Security analysts stated that more than 140 altered packages were published within approximately 88 minutes on June 17, 2026. The incident has raised concerns across the software development community because Mastra is commonly used in environments that hold highly sensitive assets, including source code, cloud credentials, signing certificates, and AI service keys.
Investigators found that the compromised packages did not themselves contain malicious code. Instead, the threat was introduced through a third-party dependency called “easy day js,” which was added to the affected packages as part of an automated publishing operation. SafeDep researchers reported that the package was designed to mimic the legitimate “dayjs” date library and initially appeared to be a harmless, functional component when it was first published on June 16, 2026. Malicious functionality was added on June 17, turning it into a malware delivery mechanism. Once installed, the dependency executed an obfuscated payload through an npm postinstall script. This loader disabled TLS certificate validation, contacted attacker-controlled infrastructure, and downloaded a second-stage payload. The malware then launched as a detached background process and attempted to remove traces of its initial installation to reduce the likelihood of forensic detection. Researchers described the approach as a combination of trusted-software impersonation, dependency poisoning, and staged malware delivery designed to evade traditional security controls.
The final payload deployed through the campaign was identified as a cross-platform information-stealing trojan targeting Windows, macOS, and Linux. Security researchers found that the malware could collect browser history, extract data from more than 160 cryptocurrency wallet browser extensions, establish persistence, and transmit stolen data to command-and-control servers operated by the attackers. It could also receive remote instructions, including downloading additional modules from attacker-supplied locations and executing them on infected systems. Researchers noted that the operation demonstrated a sophisticated understanding of software supply chain attack techniques, combining clean decoy packages, runtime payload delivery, self-deleting components, persistence mechanisms, and remote control capabilities. According to JFrog, even if the original malicious package is removed after installation, the second-stage payload may remain active and continue operating on compromised hosts. The risk therefore extends well beyond the initial package installation.
Security firms further revealed that the attackers bypassed the controls normally associated with Mastra package releases. SafeDep noted that legitimate Mastra releases are typically published from continuous integration using npm trusted publishing and carry SLSA provenance attestations. In contrast, the malicious versions were reportedly published with a personal authentication token and lacked the expected provenance. Researchers stated that organisations enforcing package signature verification or attestation requirements could have detected and blocked the malicious releases. Security experts have advised organisations that installed affected versions to treat development workstations, continuous integration environments, and build systems as potentially compromised. Recommended actions include rolling back to known-safe package versions, rotating credentials, reviewing systems for indicators of compromise, and investigating any potential unauthorised access. The impact is amplified by the popularity of packages such as @mastra/core, which receives hundreds of thousands of weekly downloads. Researchers warned that because the malicious payload executed during installation, systems could be compromised even if developers never imported or actively used the affected packages.