
Mastra npm supply chain attack: what identity teams need to know


(@nhi-mgmt-group)
Member Moderator
Joined: 1 year ago
Posts: 6131
Topic starter  

TL;DR: A hijacked npm contributor account republished 142 @mastra/* packages with a typosquatted dependency that runs at install time, enabling credential theft, wallet compromise, persistence and exfiltration across developer and CI environments, according to Orca Security. The incident shows how package-scope access and install-script execution turn software supply chains into identity and secrets risk, not just malware risk.

NHIMG editorial — based on content published by Orca Security: Mastra npm supply chain attack and install-time secret theft

By the numbers:

Questions worth separating out

Q: What breaks when a malicious npm package can run install-time scripts on developer machines?

A: Install-time scripts turn dependency installation into an execution event, which means a package update can steal credentials, alter TLS behaviour, stage a second payload, and plant persistence before most controls see the change.

Q: Why do stale package publishing rights increase supply chain risk so much?

A: Stale publishing rights let a compromised or former contributor publish malicious releases inside a trusted scope, which makes version numbers and semver ranges part of the attack path.

Q: How do security teams know whether developer endpoints are leaking NHI secrets?

A: Look for unexpected token use, unusual outbound connections, unexplained browser profile access, and persistence mechanisms on workstations and build runners.

Practitioner guidance

  • Audit package publishing rights and revoke stale contributors: Review every npm scope and package owner list for abandoned or unnecessary publishing access, especially contributor accounts that no longer match current operational ownership.
  • Inspect build pipelines for install-script execution: Identify where npm install runs with script execution enabled in developer laptops, CI runners, and container builds.
  • Rotate exposed secrets across all affected systems: Treat any machine that installed the compromised packages as exposed and rotate npm tokens, GitHub tokens, cloud provider keys, LLM API keys, CI/CD secrets, SSH keys, database credentials, and wallet material created or cached on those endpoints.

What's in the full article

Orca Security's full research covers the operational detail this post intentionally leaves for the source:

  • The full package list affected by the @mastra/* scope compromise, including the top-level packages and direct dependency path to easy-day-js.
  • Operating-system specific persistence locations and artefact checks for Windows, macOS, and Linux.
  • The exact network indicators associated with the attacker infrastructure and the recommended detection workflow.
  • Orca's asset-context view for prioritising exposed workloads, CI runners, and developer environments.

👉 Read Orca Security's analysis of the Mastra npm supply chain attack →




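One way to carry out the install-script inspection from the practitioner guidance above, as an added example that is not part of the original post or of Orca Security's research: it reads a parsed `package-lock.json` (lockfile v2/v3, which marks packages that declare install scripts with `hasInstallScript`) and an `.npmrc` body, then reports whether scripts are disabled, which packages would run code at install time, and which entries match the names the post gives (`@mastra/*`, `easy-day-js`). The function names, sample lockfile, and version strings are constructed placeholders.

```javascript
// Added example: triage a lockfile for install-script exposure (constructed data).
// Watchlist names come from the post: the @mastra/* scope and easy-day-js.
const WATCHLIST = [/^@mastra\//, /^easy-day-js$/];

// Lockfile v2/v3 keys look like "node_modules/a/node_modules/@scope/b".
function packageName(lockKey) {
  const idx = lockKey.lastIndexOf("node_modules/");
  return idx === -1 ? lockKey : lockKey.slice(idx + "node_modules/".length);
}

// True when an .npmrc body sets ignore-scripts=true (a later line overrides an earlier one).
function scriptsDisabled(npmrcText) {
  let disabled = false;
  for (const raw of npmrcText.split(/\r?\n/)) {
    const line = raw.trim();
    if (line === "" || line.startsWith("#") || line.startsWith(";")) continue;
    const m = /^ignore-scripts\s*=\s*(\S+)/.exec(line);
    if (m) disabled = m[1].toLowerCase() === "true";
  }
  return disabled;
}

function auditLockfile(lock, npmrcText) {
  const report = { scriptsDisabled: scriptsDisabled(npmrcText), installScripts: [], watchlistHits: [] };
  for (const [key, meta] of Object.entries(lock.packages || {})) {
    if (key === "") continue; // root project entry, not a dependency
    const name = packageName(key);
    const id = `${name}@${meta.version}`;
    if (meta.hasInstallScript === true) report.installScripts.push(id);
    if (WATCHLIST.some((re) => re.test(name))) report.watchlistHits.push(id);
  }
  return report;
}

// Constructed sample inputs; versions are placeholders, not the affected releases.
const SAMPLE_LOCK = {
  lockfileVersion: 3,
  packages: {
    "": { name: "demo-app", version: "1.0.0" },
    "node_modules/@mastra/core": { version: "0.0.0-placeholder" },
    "node_modules/@mastra/core/node_modules/easy-day-js": { version: "0.0.0-placeholder", hasInstallScript: true },
    "node_modules/left-pad": { version: "1.3.0" },
    "node_modules/native-addon-example": { version: "2.0.0", hasInstallScript: true },
  },
};
const SAMPLE_NPMRC = "# constructed\nregistry=https://registry.npmjs.org/\nignore-scripts=false\n";

console.log(JSON.stringify(auditLockfile(SAMPLE_LOCK, SAMPLE_NPMRC), null, 2));
```

A watchlist hit only shows the name is present in the dependency tree; compare the resolved version against the affected package list in the source research before treating the machine as exposed.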
(@mr-nhi)
Member Moderator
Joined: 1 month ago
Posts: 5624
 

Package publishing access is a non-human identity control, not a software release convenience. This attack worked because publishing authority outlived the trust that granted it. In NHI terms, the contributor account remained a standing identity with the power to ship code into a widely consumed scope, which turned package publishing into a privileged access path. The practitioner implication is that npm publisher lifecycle management belongs in the same governance conversation as service account review and PAM.

A few things that frame the scale:

  • The average estimated time to remediate a leaked secret is 27 days, despite 75% of organisations expressing strong confidence in their secrets management capabilities, according to The State of Secrets in AppSec.
  • Only 44% of developers are reported to follow security best practices for secrets management, exposing a significant developer behaviour gap.

A question worth separating out:

Q: Who is accountable when a package repository compromise exposes enterprise credentials?

A: Accountability sits with the teams that own publishing access, dependency governance, secrets management, and endpoint containment. Frameworks such as OWASP NHI and NIST CSF matter because the failure is not only malware execution, but the absence of lifecycle control over the identities and secrets that the pipeline depended on.

👉 Read our full editorial: Mastra npm supply chain attack exposes secrets at install time


