Fake Postmark MCP npm package stole emails with one-liner
Briefly

Fake Postmark MCP npm package stole emails with one-liner
"A fake npm package posing as Postmark's MCP (Model Context Protocol) server silently stole potentially thousands of emails a day by adding a single line of code that secretly copied outgoing messages to an attacker-controlled address. In a blog post late last week, Postmark warned users about "postmark-mcp" on npm impersonating the email delivery service and stealing its users' emails."
"While we don't know how many organizations were affected by this security incident, Postmark boasts "thousands" of customers, including Ikea, Asana, Minecraft, and 1Password, on its website. And Koi Security, which discovered the malicious package, says it was downloaded about 1,500 times in a week, integrated into hundreds of developer workflows, and likely stole thousands of emails every day before the Paris-based developer removed the malicious package."
A fake npm package impersonating Postmark's MCP server included a backdoor that silently BCC'd outgoing emails to an attacker-controlled address. The malicious package built trust across 15 versions and added the exfiltration code in version 1.0.16. The compromise was downloaded roughly 1,500 times in a week and integrated into hundreds of developer workflows, likely stealing thousands of emails per day. Potentially exposed contents include password resets, MFA codes, invoices, financial details, confidential business documents, and customer information. Postmark disavows involvement, and users are advised to remove the package, inspect email logs, and rotate any credentials sent via email.
Read at Theregister
Unable to calculate read time
[
|
]