
As many as 144 npm packages associated with the Mastra namespace ("@mastra/*"), a popular open-source JavaScript and TypeScript framework for building artificial intelligence (AI) applications, have been compromised as part of a software supply chain attack codenamed easy-day-js, per findings from JFrog, SafeDep, Socket, and StepSecurity.
"A single npm account (ehindero) mass-published more
View the full article
Recommended Comments
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.