Microsoft links Mastra AI supply chain attack to North Korean hackers
…When the compromised packages were installed, the malicious dependency executed a post-install hook that deployed a malware dropper on developers' devices, ultimately aimed at stealing sensitive credentials, API keys, authentication tokens…