ShellCodeX
Tools • Events • News • Insights
ShellCodeX Intelligence Brief
HIGH Open Source

Microsoft ties Mastra AI npm supply-chain incident to Sapphire Sleet

Source headline: Microsoft links Mastra AI supply chain attack to North Korean hackers

Threat level High
Signal strength 75/100
Source confidence 1 source
Published 4 hours ago

Intelligence Summary

Microsoft says the Mastra AI supply chain compromise traced back to the North Korean group Sapphire Sleet (BlueNoroff). The incident involved malicious activity that affected more than 140 npm packages. If developers installed those packages, they may have unintentionally pulled in attacker-controlled code. This shows how AI-related tooling can be abused through common package ecosystems. Teams using npm and AI tooling should review affected dependencies and tighten supply-chain controls.

Recommended Action

Review affected assets, schedule urgent remediation, and monitor related indicators.

Topics

#supply-chain #npm #malicious-dependencies #mastra-ai #north-korea
Original reporting BleepingComputer Microsoft links Mastra AI supply chain attack to North Korean hackers
Open original source

Related Pulse Signals

View all signals
Critical · Cybersecurity AutoJack lets a web page hijack an AI agent to execute host code High · Cybersecurity Microsoft traces Windows USB LNK clipper to Tor-based hidden-service C2 High · Cybersecurity DragonForce links Backdoor.Turn to Microsoft Teams relays for stealth C2 High · Infrastructure Microsoft resolves Windows Server 2016 June 2026 update failures