The Incident
Microsoft's threat intelligence team has attributed a supply chain attack targeting the Mastra AI ecosystem to Sapphire Sleet (also tracked as BlueNoroff), a North Korean state-sponsored hacking group. The attackers compromised over 140 npm packages — not obscure, one-download throwaway packages, but packages embedded in the Mastra AI dependency graph that developers and AI coding tools actively pull.
The attack vector that makes this particularly sharp: AI-powered coding assistants. Tools like Copilot, Cursor, and similar LLM-backed IDEs don't just suggest code — they suggest, and sometimes auto-install, dependencies. If your AI assistant recommends mastra-some-utility and it's one of the 140 compromised packages, you might have malicious code running on your machine before you've finished reading the suggestion.
This is the intersection of supply chain security and AI developer tooling. It won't be the last attack designed around it.
How the Attack Worked
