Live Feeds
● LIVE Updated 2d ago · 15 sources tracked

Microsoft links Mastra AI supply chain attack to North Korean hackers

Microsoft researchers linked a supply chain attack on the Mastra AI framework to the North Korean group Sapphire Sleet. The campaign compromised over 140 npm packages to target developer credentials and CI/CD systems. The attackers used a hijacked contributor account to deploy the malware.

RSS Source map (15)

What changed

Microsoft formally attributed the Mastra AI npm compromise to the state-sponsored actor Sapphire Sleet.

Live updates

  1. Microsoft Attributes Mastra AI Supply Chain Attack to North Korean Hackers

    Microsoft researchers linked a supply chain attack on the Mastra AI framework to the North Korean group Sapphire Sleet. The campaign compromised over 140 npm packages to target developer credentials and CI/CD systems. The attackers used a hijacked contributor account to deploy the malware.

    What's confirmed:

    • Microsoft attributed the Mastra AI supply chain attack to the North Korean hacking group Sapphire Sleet, also known as BlueNoroff.
    • The attack compromised more than 140 npm packages within the Mastra ecosystem.
    • The campaign targeted developer workstations, CI/CD systems, and cryptocurrency wallets.
    • The attackers gained access by hijacking a contributor or maintainer account.

    Still unconfirmed:

    • The attack backdoored 144 packages in exactly 88 minutes.
    • The attack involved an easy-day-js typosquat.
    confidence 95%