Threat Intelligence Report

Mastra npm Scope Takeover: 141 Packages Drop a RAT

📅 June 17, 2026 📰 safedep.io 🔍 0 CVE(s) referenced

A compromised npm account enabled a coordinated supply chain attack that republished 141 Mastra packages with a stealthy dependency, easy-day-js, which installs a remote access trojan designed to steal cryptocurrency wallets and cloud credentials from any affected machine.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle