A npm package copying the official 'postmark-mcp' project on GitHub turned bad with the latest update that added a single ...
Arabian Post on MSN
MCP Package Hijack Funnels Sensitive Emails to Attacker
A malicious version of the npm package postmark-mcp, masquerading as a tool to enable AI agents to send email via Postmark, has been uncovered siphoning off every message it processes. The compromised ...
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback