Mastra npm Org Compromised: Multiple Packages Trojanized to Drop a Remote Payload via easy-day-js | Blog | Endor Labs
A single hijacked maintainer account pushed multiple trojanized packages across the entire @mastra scope in 27 minutes, each carrying a typosquat dependency that runs a remote payload on install. Combined reach is over 28 million downloads a month.

Written by Peyton Kennedy
Published on June 17, 2026
Updated on June 16, 2026
Topics: Malware
TL;DR

An attacker took over the account of a Mastra maintainer and used it to tamper with the project at scale. Over a 27-minute window, they republished the entire @mastra catalog. They left Mastra's own code alone. In each package they changed a single line, adding a hidden link to a counterfeit component named easy-day-js, a lookalike of a widely used tool called dayjs.

Mastra is an open-source toolkit that software developers use to build AI applications and agents. It comes from the team behind Gatsby and is widely adopted: the project's components are downloaded more than 28 million times a month by teams building on top of it. Like most modern software, Mastra is shipped as a set of small, reusable building blocks that other programs pull in automatically. That reach is what made one stolen account so dangerous.

easy-day-js is a typosquat. It impersonates dayjs down to the description and the bundled dayjs.min.js, but adds a postinstall hook that runs a dropper. On install, the dropper disables TLS certificate validation, fetches a second-stage payload from a raw IP address, writes it to the temp directory, runs it as a detached and hidden child process, and deletes itself.

Three things stand out about this incident:

1. The whole org went at once. This was not one package. It was a scripted sweep of 116 packages in under half an hour, ordered roughly by download count, which points to a hijacked account with publish rights across the entire scope rather than a single rogue release.

2. The carrier packages are clean; the payload is one level down. Every Mastra package is an unmodified library with a single poisoned dependency line. Scanners that only inspect the named package's own code will not see anything wrong. The malicious behavior lives in easy-day-js, and in most of the packages that dependency is never even imported.

3. A pre-staged decoy dependency. easy-day-js@1.11.21 was published a day earlier with no install hook, a clean decoy. The weaponized 1.11.22 landed at 01:01 UTC, eleven minutes before the Mastra sweep began.

Affected packages

All versions below are malicious and were published 2026-06-17. Pin to the last provenance-backed release of each and treat these specific versions as compromised.
Package | Malicious version | Published...
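The three traits above (a clean carrier with one poisoned dependency line that is never imported, a lookalike name, and an install hook whose script shows the dropper's behaviour) are all checkable from the installed tree. The following Node script is an added example, not Endor Labs' or Mastra's code: it walks a list of package records, flags lookalike dependency names, flags declared dependencies that no shipped source file imports, lists lifecycle hooks, scans the hook's script for the four dropper indicators the write-up names, and raises a scope-wide finding when several packages of one scope share the same unused lookalike. The POPULAR list, the indicator regexes and the sample tree (package names, versions, file contents) are my own constructions; only the identifier easy-day-js@1.11.22 is taken from the write-up.

```javascript
// Added example (not Endor Labs' or Mastra's code): audit installed npm packages
// for the compromise shape described above. Names, versions and file contents
// are constructed; only "easy-day-js@1.11.22" is the identifier from the write-up.

// Assumption: a real run would load the top of the npm download list here.
const POPULAR = ['dayjs', 'lodash', 'express', 'axios', 'react'];
const LIFECYCLE_HOOKS = ['preinstall', 'install', 'postinstall', 'prepare'];

// Textual indicators of the dropper behaviour the write-up describes (my own
// heuristics, not a published signature set).
const INDICATORS = {
  tlsValidationDisabled: /NODE_TLS_REJECT_UNAUTHORIZED|rejectUnauthorized\s*:\s*false/,
  rawIpUrl: /https?:\/\/\d{1,3}(?:\.\d{1,3}){3}\b/,
  detachedHiddenChild: /detached\s*:\s*true|windowsHide\s*:\s*true/,
  selfDelete: /unlink(?:Sync)?\(\s*__filename/,
};

// Strip scope and separators so "easy-day-js", "easy_dayjs", "@x/easyday.js" compare alike.
function normalise(name) {
  return name.replace(/^@[^/]+\//, '').toLowerCase().replace(/[-_.]/g, '');
}

// Popular package a name imitates, or null: same name after normalisation, or a popular name embedded in a decorated one.
function lookalikeOf(name) {
  if (POPULAR.includes(name)) return null;
  const n = normalise(name);
  for (const popular of POPULAR) {
    const p = normalise(popular);
    if (n === p || (p.length >= 5 && n.includes(p))) return popular;
  }
  return null;
}

// True when some shipped source file actually requires/imports the dependency.
function isReferenced(dep, files) {
  const escaped = dep.replace(/[.*+?^${}()|[\]\\\/]/g, '\\$&');
  const re = new RegExp(`(?:require\\(\\s*|from\\s+)['"]${escaped}(?:\\/[^'"]*)?['"]`);
  return Object.values(files).some((src) => re.test(src));
}

// Audit one record: { name, version, manifest: { dependencies, scripts }, files: { path: source } }.
function auditPackage(pkg) {
  const findings = [];
  const files = pkg.files || {};
  for (const dep of Object.keys(pkg.manifest.dependencies || {})) {
    const target = lookalikeOf(dep);
    if (target) findings.push({ rule: 'lookalike-dependency', detail: `${dep} resembles ${target}` });
    if (!isReferenced(dep, files)) findings.push({ rule: 'unreferenced-dependency', detail: dep });
  }
  const scripts = pkg.manifest.scripts || {};
  for (const hook of LIFECYCLE_HOOKS) {
    if (!(hook in scripts)) continue;
    findings.push({ rule: 'install-hook', detail: `${hook}: ${scripts[hook]}` });
    // Resolve "node foo.js" to the shipped file and scan it for indicators.
    const m = scripts[hook].match(/node\s+(\S+)/);
    const src = m ? files[m[1]] : undefined;
    for (const key of Object.keys(INDICATORS)) {
      if (src && INDICATORS[key].test(src)) findings.push({ rule: `dropper-indicator:${key}`, detail: m[1] });
    }
  }
  return findings.map((f) => ({ package: `${pkg.name}@${pkg.version}`, ...f }));
}

// Audit a whole tree. The cross-package rule fires when several packages of one scope
// declare the same lookalike without importing it: the mark of a scripted org-wide sweep.
function auditTree(packages, minSharedCarriers = 2) {
  const findings = packages.flatMap(auditPackage);
  const shared = new Map();
  for (const f of findings) {
    if (f.rule !== 'unreferenced-dependency' || !lookalikeOf(f.detail) || !f.package.startsWith('@')) continue;
    const key = `${f.package.split('/')[0]}|${f.detail}`;
    shared.set(key, (shared.get(key) || 0) + 1);
  }
  for (const [key, count] of shared) {
    if (count < minSharedCarriers) continue;
    const [scope, dep] = key.split('|');
    findings.push({ package: `${scope}/*`, rule: 'scope-wide-injection', detail: `${dep} declared but unused in ${count} packages` });
  }
  return findings;
}

// Constructed sample tree: two carrier packages plus the lookalike they pull in.
// The hook script holds only inert indicator fragments, not working code.
const SAMPLE_TREE = [
  { name: '@example/core', version: '1.0.1',
    manifest: { dependencies: { 'easy-day-js': '^1.11.22', lodash: '^4.17.21' } },
    files: { 'index.js': "const _ = require('lodash');\nmodule.exports = { pick: _.pick };\n" } },
  { name: '@example/memory', version: '2.3.0',
    manifest: { dependencies: { 'easy-day-js': '^1.11.22', dayjs: '^1.11.0' } },
    files: { 'index.js': "import dayjs from 'dayjs';\nexport const now = () => dayjs();\n" } },
  { name: 'easy-day-js', version: '1.11.22',
    manifest: { dependencies: {}, scripts: { postinstall: 'node setup.js' } },
    files: { 'dayjs.min.js': '/* bundled copy of the real library */',
      'setup.js': 'process.env.NODE_TLS_REJECT_UNAUTHORIZED = "0";\nconst url = "http://203.0.113.7/stage2";\n'
        + '/* spawn */ { detached: true, windowsHide: true }\nfs.unlinkSync(__filename);\n' } },
];
```

Calling auditTree(SAMPLE_TREE) yields ten findings: for each carrier package a lookalike-dependency and an unreferenced-dependency finding for easy-day-js, for easy-day-js@1.11.22 the install-hook plus all four dropper indicators, and one scope-wide-injection finding for @example/* because both carriers declare the same unused lookalike. The unreferenced-dependency rule is the one that catches the carriers, since their own code is untouched; on a real tree, feed it the package.json and shipped sources from node_modules and raise minSharedCarriers to a level that fits the scope's size.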