Microsoft Links Mastra AI npm Supply Chain Attack To North Korean Hackers
VPN Central [Unofficial]
June 22, 2026
Microsoft has attributed the Mastra AI npm supply chain attack to Sapphire Sleet, a North Korean state-backed hacking group also known as BlueNoroff. The attack compromised more than 140 packages in the Mastra ecosystem and exposed developer workstations and CI/CD systems to credential theft. The campaign began with the takeover of the npm maintainer account […]
The post Microsoft Links Mastra AI npm Supply Chain Attack To North Korean Hackers appeared first on VPN Central.
Discussion in the ATmosphere