supplychainattack.org · Supply chain attack incident catalog
active · critical

Mastra npm Supply Chain Attack: 140+ Packages Backdoored via easy-day-js Typosquat

On June 17, 2026, an attacker compromised the @mastra npm organization and injected easy-day-js, a typosquat of the popular dayjs library, as a dependency across 140+ packages. The malicious package contained an obfuscated postinstall dropper that downloaded and executed a second-stage payload from attacker-controlled servers before self-deleting. The affected packages had a combined weekly download count exceeding 1.1 million.

Disclosed: June 17, 2026
Last updated: June 20, 2026
Blast radius: 140+ npm packages in the Mastra AI framework ecosystem with combined weekly downloads exceeding 1.1 million
Ecosystems: npm
Attack vectors: organization account compromise, typosquatting, malicious postinstall hook
Affected entities:
  • @mastra (organization): 140+ packages compromised; easy-day-js added as a dependency
  • easy-day-js: typosquat of dayjs; contained an obfuscated postinstall dropper

On June 17, 2026, the @mastra npm organization was compromised, and an attacker added easy-day-js as a dependency across 140+ packages within the Mastra AI framework ecosystem. easy-day-js is a typosquat of the legitimate dayjs date library, designed to deceive developers into installing the malicious package.

The malicious easy-day-js package contained an obfuscated postinstall script that executed during installation. This script downloaded and ran a second-stage payload from attacker-controlled servers, then deleted itself to remove evidence of the compromise.

The attack had significant reach: the affected @mastra packages combined for weekly download counts exceeding 1.1 million. Any installation of affected @mastra packages on June 17, 2026 or later would have resulted in execution of the malicious payload.

The incident represents a multi-vector supply chain attack combining account/organization compromise with typosquatting and automated malware delivery via postinstall hooks.

Indicators of compromise

Packages
  • easy-day-js

Remediation

  • Immediately review npm audit logs and package-lock.json files for installations of @mastra packages and easy-day-js on or after June 17, 2026
  • Treat any environment where @mastra packages were installed as potentially compromised; perform forensic analysis for signs of second-stage payload execution
  • Remove all @mastra packages and easy-day-js from affected environments
  • Rotate all credentials, API keys, and secrets that may have been exposed on compromised systems
  • Monitor for indicators of compromise from the attacker-controlled servers mentioned in the dropper
  • Update to patched versions of @mastra packages once the organization regains control and publishes security updates
  • Implement stricter npm package verification and dependency pinning practices
  • Enable npm 2FA and organization-level access controls to prevent account takeover
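The first remediation step, checking lockfiles for easy-day-js and for @mastra packages that pull it in, can be automated. The script below is an added example for this entry, not tooling from StepSecurity, Mastra or supplychainattack.org. It reads an npm package-lock.json (lockfileVersion 2 or 3, where every installed package is keyed by its node_modules path) and reports three things: any installed easy-day-js, any @mastra package that declares easy-day-js as a dependency, and every package npm has marked with hasInstallScript, since a postinstall hook is exactly what the dropper used. The embedded sample lockfile is constructed; its version strings are placeholders, not real releases.

```python
"""Scan an npm package-lock.json (lockfileVersion 2/3) for the easy-day-js
typosquat and for @mastra packages that depend on it.

Added example for this catalog entry; not code from StepSecurity, Mastra or
supplychainattack.org. SAMPLE_LOCK below is constructed and its version
numbers are placeholders.
"""
import json
from typing import Dict, List

SUSPECT_PACKAGE = "easy-day-js"   # typosquat of dayjs named in this entry
AFFECTED_SCOPE = "@mastra/"       # compromised npm organization


def _name_from_path(path: str) -> str:
    """'node_modules/@mastra/core/node_modules/easy-day-js' -> 'easy-day-js'."""
    return path.rsplit("node_modules/", 1)[-1]


def scan_lockfile(lock: dict) -> Dict[str, List[str]]:
    """Return findings keyed by category.

    suspect_installed         - lockfile paths where easy-day-js is installed
    mastra_depends_on_suspect - @mastra packages whose dependencies list easy-day-js
    install_scripts           - every package npm flagged hasInstallScript
                                (each one can run code at install time and
                                deserves a manual look)
    """
    findings: Dict[str, List[str]] = {
        "suspect_installed": [],
        "mastra_depends_on_suspect": [],
        "install_scripts": [],
    }
    for path, meta in lock.get("packages", {}).items():
        if path == "":          # "" is the root project entry, not a dependency
            continue
        name = _name_from_path(path)
        if name == SUSPECT_PACKAGE:
            findings["suspect_installed"].append(path)
        if name.startswith(AFFECTED_SCOPE):
            deps = {**meta.get("dependencies", {}),
                    **meta.get("optionalDependencies", {})}
            if SUSPECT_PACKAGE in deps:
                findings["mastra_depends_on_suspect"].append(name)
        if meta.get("hasInstallScript"):
            findings["install_scripts"].append(name)
    return findings


def is_compromised(lock: dict) -> bool:
    """True when the typosquat is installed or any @mastra package pulls it in."""
    f = scan_lockfile(lock)
    return bool(f["suspect_installed"] or f["mastra_depends_on_suspect"])


def scan_file(path: str) -> Dict[str, List[str]]:
    """Convenience wrapper for a real lockfile on disk."""
    with open(path, encoding="utf-8") as fh:
        return scan_lockfile(json.load(fh))


# Constructed sample lockfile; version strings are placeholders, not real releases.
SAMPLE_LOCK = {
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"name": "demo-app",
             "dependencies": {"@mastra/core": "0.0.0-placeholder"}},
        "node_modules/@mastra/core": {
            "version": "0.0.0-placeholder",
            "dependencies": {"easy-day-js": "0.0.0-placeholder",
                             "dayjs": "1.11.0"},
        },
        "node_modules/easy-day-js": {
            "version": "0.0.0-placeholder",
            "hasInstallScript": True,   # npm records the postinstall hook here
        },
        "node_modules/dayjs": {"version": "1.11.0"},
    },
}

if __name__ == "__main__":
    for category, hits in scan_lockfile(SAMPLE_LOCK).items():
        print(f"{category}: {hits}")
    print("compromised:", is_compromised(SAMPLE_LOCK))
```

Run it against each repository's package-lock.json with scan_file; a non-empty suspect_installed or mastra_depends_on_suspect list means the environment falls under the "treat as potentially compromised" step. Installing with `npm ci --ignore-scripts` blocks postinstall hooks like this dropper from running at all, at the cost of breaking packages that legitimately need build steps, so review the install_scripts list before relying on it.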

Sources

  1. Mastra npm Supply Chain Attack: 140+ Packages Backdoored via easy-day-js Typosquat · StepSecurity

Cite this entry

"Mastra npm Supply Chain Attack: 140+ Packages Backdoored via easy-day-js Typosquat." supplychainattack.org, Supply Chain Attack Incident Catalog. Disclosed June 17, 2026; last updated June 20, 2026. https://supplychainattack.org/incident/mastra-npm-supply-chain-attack-140-packages-backdoored-via-easy-day-js-typosquat-o3zznw


Related incidents

  1. active · critical
     The Worm That Keeps on Digging: TeamPCP Hits @antv in Latest Wave
     TeamPCP conducted a multi-ecosystem supply chain compromise targeting the @antv package and associated development infrastructure. The attack leveraged GitHub, NPM, and VSCode to steal credentials and establish persistence mechanisms.
     TeamPCP · npm · Other · Account takeover · Compromised package · Malicious maintainer
  2. resolved · critical
     Behind the Scenes: How StepSecurity Detected and Helped Remediate the Largest npm Supply Chain Attack
     StepSecurity detected a compromise of axios, described as the largest npm supply chain attack on a single package by download count. A state-sponsored threat actor is reported to have actively suppressed warnings by deleting GitHub issues. Detection occurred before public disclosure.
     UNC1069 · npm · Compromised package · Malicious maintainer
  3. active · critical
     15 Malicious JetBrains Plugins Stole AI API Keys from 70,000 Developers
     A coordinated 8-month supply chain attack compromised 15 malicious JetBrains plugins on the official JetBrains Marketplace, stealing AI API keys from approximately 70,000 developers. The credential-stealing code exfiltrated OpenAI, DeepSeek, and SiliconFlow API keys to an attacker-controlled server in Beijing, which remained operational at the time of disclosure.
     Other · Compromised package · Malicious maintainer
  4. contained · critical
     TeamPCP Injects Two-Stage Credential Stealer into xinference PyPI Package
     The xinference package on PyPI was compromised with a two-stage credential stealer attributed to the TeamPCP threat actor. The malicious code was injected into the package, potentially affecting users who installed compromised versions.
     TeamPCP · PyPI · Compromised package · Malicious maintainer