Yesterday, Mastra was hit by a supply chain attack.
A malicious postinstall script that exfiltrated credentials and then self-deleted was added to specific versions of our npm packages.
Most importantly: the incident is over. All relevant package versions are unpublished.
The root cause is that one of our maintainers was compromised.
Between 6:12 PM and 6:37 PM PT yesterday, a token associated with their account published 116 malicious npm packages, almost all in the `@mastra/` namespace.
We became aware of this at 8:45 PM PT. We immediately contacted npm as well as trusted third parties (e.g. @SocketSecurity).
We also began unpublishing, and unpublished 59 packages.
As part of the attack, we lost access to some packages. Around 10:15 PM PT, we were able to re-add our accounts to those packages. We began unpublishing the rest. In total, we unpublished 110 packages and deprecated 6.
By 11:57 PM PT, all affected packages were unpublished or deprecated.
At around 1 AM PT, we also published new, safe versions of each affected package (https://t.co/tWXe6DXtWa), so that installs would resolve.
We have always required MFA on npm for maintainers, but we also (mistakenly) allowed token bypass. Also around 1 AM PT, we removed token bypass across all packages.
At 2:25 AM PT, we established contact with the compromised maintainer. He is a current, active Mastra employee. His machine was compromised via a social phishing attack.
A compromised LinkedIn account reached out to him as well as to maintainers of other prominent TypeScript open-source packages. He was on a call and clicked a suspicious link.
This was the same attack vector that other open-source maintainers have reported (e.g. https://t.co/Ci2PjDBc65).
Around 4:40 AM, npm responded to the security ticket we'd filed and confirmed the breach. They unpublished the last 6 affected packages.
For a third-party report on the incident and malware, including a list of affected package versions and the mechanisms of the RAT: https://t.co/mB7d68Z0JT.
We're continuing to reduce the scope of sensitive credentials and to enhance our use of MFA. Security is an ongoing process of review and hardening.
Thanks for the hugops. Stay safe out there. I'll be here answering questions.
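The attack above ran through an npm install-time lifecycle hook (a `postinstall` script). The following is an added example, not code from Mastra or from the post, showing how a downstream project can audit its own dependency tree for such hooks: it reads the `hasInstallScript` flag that npm records per package in a `package-lock.json` (lockfileVersion 2 or 3) and checks individual `package.json` manifests for `preinstall`/`install`/`postinstall` commands, with a simple heuristic for commands that delete files or fetch remote payloads. The sample lockfile, manifest, package names and versions are constructed for illustration and are not the actually affected versions (the third-party report linked above lists those); the suspicious-command regex is an assumption, not a signature of this malware.

```javascript
// Added example (not Mastra's code): audit a dependency tree for install-time
// lifecycle hooks, the mechanism used in the incident described above.
// All sample data below is constructed; it does not reproduce real affected versions.

// Lifecycle scripts npm runs for a dependency at install time.
const INSTALL_HOOKS = ['preinstall', 'install', 'postinstall'];

// Heuristic (an assumption, not a malware signature): commands that delete files,
// fetch remote payloads or decode/eval blobs deserve a human look.
const SUSPICIOUS_CMD = /(rm\s+-\w*f|unlink|curl\b|wget\b|base64|eval\()/;

// Install-time hooks declared in one package.json manifest.
function installHooksOf(manifest) {
  const scripts = (manifest && manifest.scripts) || {};
  return INSTALL_HOOKS.filter((hook) => typeof scripts[hook] === 'string');
}

// Hooks plus the subset whose command text matches the heuristic above.
function auditManifest(manifest) {
  const hooks = installHooksOf(manifest);
  const suspicious = hooks.filter((hook) => SUSPICIOUS_CMD.test(manifest.scripts[hook]));
  return { name: manifest.name, version: manifest.version, hooks, suspicious };
}

// Package name from a lockfile `packages` key, e.g.
// "node_modules/a/node_modules/@scope/b" -> "@scope/b".
function nameFromLockPath(path) {
  const marker = 'node_modules/';
  return path.slice(path.lastIndexOf(marker) + marker.length);
}

// Entries npm flagged with hasInstallScript, optionally limited to one scope
// (e.g. '@mastra/') and minus an allowlist of packages known to need hooks.
// lockfileVersion 1 files have no `packages` map, so nothing is returned for them.
function lockfileInstallScripts(lock, { scope = null, allow = new Set() } = {}) {
  const found = [];
  for (const [path, entry] of Object.entries(lock.packages || {})) {
    if (path === '' || !entry.hasInstallScript) continue; // '' is the root project
    const name = entry.name || nameFromLockPath(path);
    if (scope && !name.startsWith(scope)) continue;
    if (allow.has(name)) continue;
    found.push({ name, version: entry.version, path });
  }
  return found;
}

// Constructed sample lockfile (lockfileVersion 3 shape); names/versions are made up.
const SAMPLE_LOCK = {
  name: 'demo-app',
  lockfileVersion: 3,
  packages: {
    '': { name: 'demo-app', version: '1.0.0' },
    'node_modules/@mastra/core': { version: '0.0.0-constructed', hasInstallScript: true },
    'node_modules/@mastra/memory': { version: '0.0.0-constructed' },
    'node_modules/native-addon': { version: '0.0.0-constructed', hasInstallScript: true },
  },
};

// Constructed sample manifest whose postinstall removes its own helper script.
const SAMPLE_MANIFEST = {
  name: '@mastra/example',
  version: '0.0.0-constructed',
  scripts: { build: 'tsc', postinstall: 'node scripts/setup.js && rm -f scripts/setup.js' },
};

console.log(lockfileInstallScripts(SAMPLE_LOCK, { scope: '@mastra/' }));
console.log(auditManifest(SAMPLE_MANIFEST));
```

On a real project, feed `JSON.parse(fs.readFileSync('package-lock.json', 'utf8'))` to `lockfileInstallScripts` and each installed `node_modules/*/package.json` to `auditManifest`. The blunt preventive control is `npm config set ignore-scripts true` (or `ignore-scripts=true` in `.npmrc`), which stops npm from running these hooks at all; it also breaks packages that legitimately need them, which is what the `allow` set is for.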
@aisdk is more relevant than ever, given the intense model competition landscape. Just today, GLM 5.2, an open model, surpassed Opus 4.8 in our Next.js Evals (https://t.co/aporqgIfIh) 🤯
But the world needs a practical solution for how to build and deploy agents. Just like React needed Next.js to solve the task of building an actual web application. And that's eve.