Nation-State Actors Are Now Targeting Your AI Agent's npm Packages
Microsoft Threat Intelligence reported that North Korean state-sponsored actor Sapphire Sleet compromised over 140 packages in the @mastra npm scope, targeting developers building AI coding tools. The…