144 Mastra AI-framework npm packages backdoored via hijacked account

Attackers hijacked the npm account of a former contributor to Mastra, a popular open-source framework for building AI applications, and in an 88-minute automated burst republished 144 packages under the @mastra scope with a hidden malicious dependency. The poisoned dependency, a fake clone of a date library, runs at install time: it disables TLS checks, downloads a second-stage cryptocurrency-stealing trojan, runs it as a detached process, and deletes itself. Because @mastra/core alone sees over 900,000 weekly downloads and the payload fires on install, anyone who installed an affected version on or after June 16, 2026 could be compromised before importing anything. npm has pulled the malicious versions.

Check
Check whether any developer machine, CI runner, or build system installed an @mastra package on or after June 16, and scan for the malicious easy-day-js dependency and install-time persistence artifacts.
Affected
Developers and pipelines that installed any @mastra package (including @mastra/core) on or after June 16, 2026; the malicious easy-day-js dependency ran code automatically at install time.
Fix
Roll affected packages back to pre-incident versions, treat affected hosts as compromised, rotate all credentials, tokens, and AI keys, move any crypto wallet funds from a clean device, and require signed-package installs.