THE DAILY CYBER.
Wednesday, June 17, 2026 · Cyber news, in panels.
More than 140 Mastra npm packages were compromised through a hijacked contributor account and a malicious easy-day-js dependency. Teams should audit recent installs, remove affected versions, and rotate developer API keys or wallet secrets.

Mastra npm packages hit by supply-chain compromise

More than 140 Mastra npm packages were compromised through a hijacked contributor account and a malicious easy-day-js dependency. Teams should audit recent installs, remove affected versions, and rotate developer API keys or wallet secrets.

Yesterday Permalink

Get tomorrow's comic in your inbox

One panel a day. No spam, unsubscribe with one click.