Microsoft attributes the Mastra AI npm supply chain attack to Sapphire Sleet, a North Korean state actor: 144 packages backdoored via a hijacked contributor account, targeting LLM API keys, cloud credentials, and cryptocurrency wallets.
North Korea's FAMOUS CHOLLIMA operation has expanded beyond revenue generation into systematic AI intellectual property theft, placing fake engineers inside foundation model developers, GPU cloud providers, and AI safety organisations. CrowdStrike, Microsoft, and the DOJ have documented the mechanism. The AI industry has not caught up.
Google's Threat Intelligence Group has confirmed the first known case of a nation-state actor using AI to generate a working zero-day exploit used in an active campaign. APT45 — a North Korean state-sponsored group — automated the discovery and validation of a 2FA bypass using thousands of recursive prompts. The exploit code contained forensic markers of AI generation.
An attacker compromised a stale npm contributor account on June 17, 2026 and republished 144 packages in the @mastra scope with a malicious typosquatted dependency that installs a cryptocurrency-stealing RAT. Developers building AI applications with Mastra's 1.1 million weekly downloads should rotate all credentials immediately.