sergey2016

mentions 1 type Organization feed RSS

// recent coverage 1 mentions

10:28

2026-06-17

stepsecurity.io

ai-safety

Mastra NPM Supply Chain Attack: 140 Packages Backdoor via easy-day-JS Typosquat

On June 17, 2026, an attacker compromised the @mastra npm organization and added the typosquat package easy-day-js as a dependency across 140+ Mastra AI framework packages, exposing over 1.1 million w…

// co-occurs with top 7 entities

Mastra 1 easy-day-js 1 dayjs 1 npm 1 OpenAI 1 Anthropic 1 Google 1