CyberHappenings

Malicious npm Package Exfiltrates Emails via Postmark MCP

1 unique source, 1 article

Summary

A malicious npm package named postmark-mcp, a replica of the official Postmark MCP project, was discovered to have exfiltrated users' email communications. The malicious version, released as 1.0.16, added a single line of code to forward all user emails to an external address. The package was available for a week and recorded around 1,500 downloads, potentially exposing sensitive information. The malicious package was published by a developer who maintained a legitimate appearance, and the package was a perfect replica of the authentic one in terms of code and description. The exfiltration was discovered by Koi Security researchers, who highlighted the risks associated with the lack of oversight and sandboxing in critical environments. Users who downloaded the malicious package are advised to remove it immediately, rotate any potentially exposed credentials, and audit all MCP servers in use for suspicious activity.

Timeline

  1. 25.09.2025 23:23 · 1 article

    Malicious npm package postmark-mcp exfiltrates user emails

Information Snippets

  • The malicious npm package postmark-mcp was a replica of the official Postmark MCP project, designed to interface with the Postmark email delivery platform.

    First reported: 25.09.2025 23:23
    1 source, 1 article
  • Version 1.0.16 of the malicious package added a single line of code to exfiltrate all user emails to an external address at giftshop[.]club.
  • The malicious package was available for a week and recorded around 1,500 downloads.
  • The exfiltration potentially exposed personal sensitive communications, password reset requests, two-factor authentication codes, financial information, and customer details.
  • Koi Security researchers discovered the malicious package and highlighted the risks associated with the lack of oversight and sandboxing in critical environments.
  • Users who downloaded the malicious package are advised to remove it immediately, rotate any potentially exposed credentials, and audit all MCP servers in use for suspicious activity.
  • The developer removed the malicious package from npm the following day after being contacted by BleepingComputer.