URL has been copied successfully!
Sapphire Sleet Hijacks npm Maintainer Account to Publish Poisoned Mastra Packages
URL has been copied successfully!

Collecting Cyber-News from over 60 sources

Sapphire Sleet Hijacks npm Maintainer Account to Publish Poisoned Mastra Packages


Tags: , , ,

A widespread npm supply”‘chain compromise to Sapphire Sleet, a North Korean state actor, after the takeover of an npm maintainer account enabled the mass publication of poisoned Mastra packages that silently delivered a multi”‘stage implant. The campaign, disclosed June 19, 2026, began when the attacker gained control of the ehindero maintainer identity an account with […] The post Sapphire Sleet Hijacks npm Maintainer Account to Publish Poisoned Mastra Packages appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.

First seen on gbhackers.com

Jump to article: gbhackers.com/sapphire-sleet-hijacks-npm/

Loading

Share via Email
Share on Facebook
Tweet on X (Twitter)
Share on Whatsapp
Share on LinkedIn
Share on Xing
Copy link

also interesting:

  1. Cybersecurity Snapshot: NIST Offers Zero Trust Implementation Advice, While OpenAI Shares ChatGPT Misuse Incidents
  2. Ransomware attacks: The evolving extortion threat to US financial institutions
  3. Top 10 Cybersecurity Predictions for 2026
  4. The culture you can’t see is running your security operations