Threat Intelligence Report

From package to postinstall payload: Inside the Mastra npm supply chain compromise

📅 June 18, 2026 📰 www.microsoft.com 🔍 0 CVE(s) referenced

A sophisticated supply chain attack on the Mastra npm ecosystem leveraged a compromised maintainer account to inject a malicious dependency into over 140 packages, enabling stealthy postinstall malware execution that threatened developer workstations, CI/CD environments, and downstream software integrity.

vendor

🔐 Sign In to Read Full Report

You'll need to accept our Terms of Service to access the platform.

📊 Visual Mindmap

🎯 IOC Extraction

⚔️ MITRE ATT&CK TTPs

📦 STIX 2.1 Bundle