Definition
A June 2026 supply chain attack in which an adversary gained control of a former contributor's npm (JavaScript package registry) account that had never had its access revoked, then republished the entire Mastra AI agent framework — 144 packages reaching roughly 8 million weekly downloads — with a malicious dependency injected that stole cryptocurrency wallets and developer credentials. The attack illustrates how a single forgotten, unrevoked developer account can compromise an entire open-source AI framework ecosystem. North Korean state-sponsored actor Sapphire Sleet was identified as responsible.
Why it matters
Every organisation whose developers use Mastra packages — or anything that depends on them — is a potential victim of credential and wallet theft; this incident underscores that AI framework dependencies carry the same supply chain risk as any other software component and require the same access hygiene controls.