What happened
On June 17, 2026 (UTC), an attacker compromised the @mastra npm organization account and republished 144 first-party packages with a malicious dependency on easy-day-js. The easy-day-js package carried an obfuscated postinstall script: on installation it ran a dropper, fetched additional malware from attacker-controlled servers, and then deleted itself. Mastra is a widely used JavaScript/TypeScript framework for building production AI agents.
Why it matters
This is a high-velocity supply-chain attack aimed directly at the AI developer ecosystem. Because the payload runs from an install-time lifecycle hook, a host is affected the moment `npm install` resolved a poisoned @mastra package, whether or not the application ever imported it. Any developer or CI job that installed @mastra packages between June 17 and 18, 2026 (UTC) should treat the development environment, the CI/CD pipeline, and any production system built from it as compromised. The vector, a hijacked npm org account pushing a poisoned dependency through 144 packages at once, is a critical failure mode for the open-source AI supply chain: a single account takeover turned every downstream `npm install` into code execution.
Attack vector
Compromised npm organization account. The attacker added easy-day-js (a typosquat of dayjs) as a dependency of 144 first-party Mastra packages, so it arrived as a transitive dependency of any project that depends on Mastra. npm runs a package's preinstall/install/postinstall scripts automatically unless ignore-scripts is set, so the easy-day-js postinstall dropper executed during installation, downloaded a second-stage payload from attacker-controlled servers, and then deleted its own script file to evade detection. The self-deletion means a post-hoc look at node_modules may show only a postinstall entry in package.json whose target file no longer exists.
Affected systems
Mastra AI agent framework (@mastra/core, @mastra/utils, @mastra/agent-browser, and 141 additional packages)
Mitigation
Immediately audit every system (developer workstations, CI runners, container images, deployment hosts) that installed @mastra packages on or after June 17, 2026 UTC. Because the payload ran from a postinstall hook, a host is affected whether or not the application code imported Mastra. Treat those hosts as compromised: rotate every credential reachable from them, including npm tokens, PATs, cloud and API keys, SSH keys, CI secrets, and the LLM provider keys that agent projects typically hold. Search committed lockfiles, node_modules trees, package caches, CI/build logs and npm's own install logs (`~/.npm/_logs`) for easy-day-js and for install timestamps inside the window. Pin @mastra packages to known-good pre-June 17 versions in a committed lockfile and install with `npm ci`, which installs exactly what the lockfile records rather than re-resolving ranges. Set `ignore-scripts=true` in .npmrc so install-time hooks cannot execute, allowing scripts per package only where a native build genuinely needs them. Maintainers of published packages should enable npm 2FA on the org account; 2FA on consumer accounts does not protect against a hijacked upstream.