Tag: npm registry

Microsoft Links North Korea to Mastra AI Supply Chain Compromise

Microsoft has uncovered a massive supply chain attack on the npm registry, where over 140 packages were compromised, and has linked the operation with high confidence to Sapphire Sleet, a notorious North Korean state actor known for targeting the financial sector. This large-scale attack highlights the growing threat of North Korean hacking groups.