Software Supply Chain Attack Compromises 144 npm Packages
A significant software supply chain attack, dubbed 'easy-day-js,' has led to the compromise of 144 npm packages within the Mastra framework, which is used for AI applications. Attackers gained control of a contributor account to publish malicious code. This incident underscores persistent cybersecurity vulnerabilities within developer ecosystems and software distribution channels.
Want more?
Open NewsSnap.ai for the full app experience, including audio, personalization, and more news tools.