All Topics
All Topics
Technology
Technology
AI
AI
Business
Business
Entertainment
Entertainment
News
News
Programming
Programming
Science
Science
Design
Design
Environment
Environment
Finance
Finance
Crypto
Crypto
Politics
Politics
Sports
Sports
Education
Education
Gaming
Gaming
Art
Art
Music
Music
Health
Health
Security
Security
Books
Books
Food
Food
Travel
Travel
Personal
Personal
Bluesky
Twitter

Microsoft attributes Mastra AI supply chain attack affecting 140+ npm packages to North Korean hackers

By

BleepingComputer

17d ago· 1 min readenNews

Summary

Microsoft has attributed the Mastra AI supply chain attack, which compromised over 140 npm packages, to Sapphire Sleet (BlueNoroff), a North Korean state-sponsored hacking group. The attackers compromised the ehindero maintainer account to publish malicious package updates that delivered the easy-day-js dependency and a cross-platform information stealer targeting credentials, API keys, and cryptocurrency wallets.

Source

bskyMicrosoft attributes Mastra AI supply chain attack affecting 140+ npm packages to North Korean hackershendryadrian.com

Key quotes

· 3 pulled
Microsoft says the Mastra AI supply chain attack that hit more than 140 npm packages was carried out by Sapphire Sleet, also known as BlueNoroff, a North Korean state actor.
The compromised packages delivered the easy-day-js dependency and a cross-platform stealer aimed at credentials, API keys, and cryptocurrency wallets.
Attackers compromised the ehindero maintainer account to publish malicious package updates.
Snippet from the RSS feed
Microsoft says the Mastra AI supply chain attack that hit more than 140 npm packages was carried out by Sapphire Sleet, also known as BlueNoroff, a North Korean state actor. The compromised packages delivered the easy-day-js dependency and ...

You might also wanna read

Comments

Sign in to join the conversation.

No comments yet. Be the first.