www.stepsecurity.io 7/1/2026, 1:32:19 PM · external

StepSecurity's Secure Registry Traces Malicious npm/PyPI Installs


The article discusses a new feature of StepSecurity's Secure Registry that allows users to trace npm and PyPI package installs back to the specific developer machine or CI pipeline responsible for pulling a compromised package. This capability arose after recent supply chain attacks, notably the compromise of the @mastra npm organization, which affected over 140 packages.

The Secure Registry records each request’s source, providing security teams with quick insight into affected machines and streamlining incident responses. Users can easily filter logs by package and version to identify the origin of malicious requests. This feature is designed to enhance both security measures and developer workflow by maintaining visibility without disrupting regular operations.
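The tracing workflow described above, as an added example that is not part of the article or StepSecurity's own code: a small script that reads registry access logs in which every request is tagged with its source identity, extracts the package and version from the npm or PyPI download path, and lists which developer machines or CI pipelines fetched a given compromised version. The JSON log schema, the field names, the package names and the source identifiers are all constructed for this example and are not StepSecurity's actual format.

```python
"""Trace which machines or pipelines fetched a given package version.

Reads constructed registry access logs (one JSON object per line), parses
the npm or PyPI download path into (package, version), and groups matching
requests by the source that made them. The schema is an assumption made
for this example, not StepSecurity's real log format.
"""
import json
import re

# Constructed sample log. Sources, package names and versions are made up.
SAMPLE_LOG = """\
{"ts":"2026-06-30T09:12:01Z","source":"ci/build-pipeline-7","source_type":"ci","registry":"npm","path":"/@example/widget/-/widget-1.4.2.tgz"}
{"ts":"2026-06-30T09:13:44Z","source":"dev-laptop-42","source_type":"developer","registry":"npm","path":"/@example/widget/-/widget-1.4.1.tgz"}
{"ts":"2026-06-30T09:15:09Z","source":"dev-laptop-17","source_type":"developer","registry":"npm","path":"/@example/widget/-/widget-1.4.2.tgz"}
{"ts":"2026-06-30T09:20:30Z","source":"ci/release-pipeline-2","source_type":"ci","registry":"pypi","path":"/packages/ab/cd/ef/examplelib-2.0.1-py3-none-any.whl"}
{"ts":"2026-06-30T09:21:02Z","source":"dev-laptop-42","source_type":"developer","registry":"pypi","path":"/packages/ab/cd/ef/examplelib-2.0.1.tar.gz"}
{"ts":"2026-06-30T09:22:15Z","source":"ci/build-pipeline-7","source_type":"ci","registry":"npm","path":"/@example/widget/-/widget-1.4.2.tgz"}
{"ts":"2026-06-30T09:25:00Z","source":"dev-laptop-9","source_type":"developer","registry":"npm","path":"/@example/widget"}
"""

# npm tarball download: /[@scope/]name/-/name-version.tgz
NPM_TARBALL = re.compile(
    r"^/(?P<name>(?:@[^/]+/)?[^/]+)/-/[^/]+-(?P<version>\d[^/]*)\.tgz$"
)
# PyPI file download: /packages/.../name-version[-tags].whl or name-version.tar.gz
PYPI_FILE = re.compile(
    r"^/packages/(?:[^/]+/)*(?P<name>[A-Za-z0-9_.]+)-(?P<version>\d[^-]*)"
    r"(?:-[^/]+)?\.(?:whl|tar\.gz|zip)$"
)


def parse_npm_path(path):
    """Return (package, version) for an npm tarball URL, else None.

    Metadata requests (e.g. "/@example/widget") carry no version and yield None."""
    m = NPM_TARBALL.match(path)
    return (m["name"], m["version"]) if m else None


def parse_pypi_path(path):
    """Return (normalized package, version) for a PyPI file URL, else None.

    Names are normalized per PEP 503 (lowercase, runs of -_. become -) so
    "Example_Lib" and "example-lib" compare equal."""
    m = PYPI_FILE.match(path)
    if not m:
        return None
    name = re.sub(r"[-_.]+", "-", m["name"]).lower()
    return (name, m["version"])


def parse_record(line):
    """Decode one log line and attach package/version parsed from its path."""
    rec = json.loads(line)
    parser = {"npm": parse_npm_path, "pypi": parse_pypi_path}.get(rec["registry"])
    parsed = parser(rec["path"]) if parser else None
    rec["package"], rec["version"] = parsed if parsed else (None, None)
    return rec


def trace_sources(log_text, registry, package, version):
    """Map each source that downloaded the exact package version to its
    source type and request timestamps. Requests for other versions and
    version-less metadata requests are ignored."""
    hits = {}
    for line in log_text.splitlines():
        if not line.strip():
            continue
        rec = parse_record(line)
        if (rec["registry"], rec["package"], rec["version"]) != (registry, package, version):
            continue
        entry = hits.setdefault(
            rec["source"], {"source_type": rec["source_type"], "requests": []}
        )
        entry["requests"].append(rec["ts"])
    return hits


if __name__ == "__main__":
    # Responder's question: who pulled the (constructed) bad version 1.4.2?
    for source, info in trace_sources(SAMPLE_LOG, "npm", "@example/widget", "1.4.2").items():
        print(f"{info['source_type']:<10} {source:<24} {len(info['requests'])} request(s)")
```

The example keys on the exact version because a compromise is typically scoped to specific published versions; a metadata-only request (the last sample line) shows the package was looked up but does not prove the bad tarball was installed, so it is deliberately excluded from the affected-source list.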


Article by CyberSIXT