cryptocurrency wallets

A supply chain attack compromised 144 npm packages in the Mastra namespace in June 2026, with a malicious dependency used to drop payloads that could steal wallet data, browser information and credentials.