A malicious npm package mimicking an official ‘postmark-mcp’ project exfiltrated users’ email communications after adding a harmful line in version 1.0.16, affecting approximately 1,500 downloads and potentially thousands of emails. Users are advised to remove the package, rotate credentials, and audit their MCP servers. #Postmark #KoiSecurity
Key points
- The malicious package was a replica of the legitimate ‘postmark-mcp’ project and went unnoticed for weeks.
- In version 1.0.16, a line was added to exfiltrate user emails to an external address linked to the developer.
- The exfiltrated data included sensitive information such as passwords, 2FA codes, and customer details.
- The fake package was downloaded around 1,500 times before being removed from npm.
- Researchers recommend verifying project sources, reviewing code updates, and running MCP servers in sandboxed environments.
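The advice to audit MCP servers and remove the package turns into a concrete check once you know where to look. The script below is an added example, not code from the report, from Koi Security or from the postmark-mcp project: it walks an npm `package-lock.json` (both the v1 nested `dependencies` tree and the v2/v3 flat `packages` map, which is an assumption about the lockfile layouts in use), reports every installed copy of `postmark-mcp`, including copies nested under other dependencies, and flags any version at or above 1.0.16, the version the report identifies as the one that introduced the exfiltration line. The sample lockfile is constructed for the demonstration.

```python
"""Audit an npm package-lock.json for 'postmark-mcp' and flag installs at or
above version 1.0.16, the version the report says added the exfiltration line.

Added example; not code from the report or the postmark-mcp project. Assumes the
npm lockfile layouts (v1 'dependencies' tree, v2/v3 'packages' map). The sample
lockfile below is constructed.
"""
import json
import re

PACKAGE = "postmark-mcp"
FIRST_AFFECTED = (1, 0, 16)  # first version carrying the harmful line, per the report

# Constructed sample lockfile (lockfileVersion 3 layout) with one affected install.
SAMPLE_LOCKFILE = json.dumps({
    "name": "demo-app",
    "lockfileVersion": 3,
    "packages": {
        "": {"dependencies": {"postmark-mcp": "^1.0.0"}},
        "node_modules/postmark-mcp": {
            "version": "1.0.16",
            "resolved": "https://registry.npmjs.org/postmark-mcp/-/postmark-mcp-1.0.16.tgz",
        },
        "node_modules/unrelated-lib": {"version": "2.4.1"},
    },
})


def parse_version(version):
    """Return (major, minor, patch) for a version string; pre-release tags are ignored."""
    match = re.match(r"^v?(\d+)\.(\d+)\.(\d+)", version)
    if not match:
        raise ValueError(f"unparseable version: {version!r}")
    return tuple(int(part) for part in match.groups())


def is_affected(version):
    """True when the installed version is 1.0.16 or later."""
    return parse_version(version) >= FIRST_AFFECTED


def find_installs(lockfile_text, name=PACKAGE):
    """Return (install_path, version) for every copy of `name` in the lockfile,
    including copies nested under other dependencies."""
    data = json.loads(lockfile_text)
    found = []

    # lockfileVersion 2/3: flat map keyed by install path.
    for path, entry in data.get("packages", {}).items():
        if path.split("node_modules/")[-1] == name:
            found.append((path, entry.get("version", "")))

    # lockfileVersion 1: nested 'dependencies' tree. v2 lockfiles carry both
    # layouts, so only walk the tree when no 'packages' map exists (avoids duplicates).
    def walk(tree, prefix):
        for dep_name, entry in tree.items():
            path = f"{prefix}node_modules/{dep_name}"
            if dep_name == name:
                found.append((path, entry.get("version", "")))
            walk(entry.get("dependencies", {}), path + "/")

    if "packages" not in data:
        walk(data.get("dependencies", {}), "")
    return found


def audit(lockfile_text):
    """Return one finding per installed copy: where it lives, its version, and
    whether that version falls in the affected range (None if unparseable)."""
    findings = []
    for path, version in find_installs(lockfile_text):
        try:
            affected = is_affected(version)
        except ValueError:
            affected = None  # unknown version string: review by hand
        findings.append({"path": path, "version": version, "affected": affected})
    return findings


if __name__ == "__main__":
    for finding in audit(SAMPLE_LOCKFILE):
        if finding["affected"]:
            status = "AFFECTED: remove the package and rotate credentials"
        elif finding["affected"] is None:
            status = "version unparseable, review manually"
        else:
            status = "below the affected range"
        print(f"{finding['path']} @ {finding['version']}: {status}")
```

Run it against a real lockfile by replacing `SAMPLE_LOCKFILE` with the file's contents; any finding marked affected is a host where the package should be removed, the Postmark credentials it used rotated, and the MCP server's other dependencies reviewed the same way.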