<ciso brief/>
Tag Banner

All news with #postmark tag

all tags →

Fri, September 26, 2025

MCP supply-chain attack via squatted Postmark connector

#Supply Chain Backdoor #Data Leak #AI Supply Chain #Agentic AI #Postmark #npm #Secrets Exposure

🔒 A malicious npm package, postmark-mcp, was weaponized to stealthily copy outgoing emails by inserting a hidden BCC in version 1.0.16. The package impersonated an MCP Postmark connector and forwarded every message to an attacker-controlled address, exposing password resets, invoices, and internal correspondence. The backdoor was a single line of code and remained available through regular downloads before the package was removed. Koi Security advises immediate removal, credential rotation, and audits of all MCP connectors.

read more →

Thu, September 25, 2025

Malicious npm 'postmark-mcp' Release Exfiltrated Emails

#Supply Chain Backdoor #Backdoor Found #Data Leak #AI Security #Postmark

📧 A malicious npm package posing as the official postmark-mcp project quietly added a single line of code to BCC all outgoing emails to an external address. Koi Security found the backdoor in version 1.0.16 after prior releases through 1.0.15 were verified clean. The tainted release was available for about a week and logged roughly 1,500 downloads. Users are advised to remove the package, rotate potentially exposed credentials, and run MCP servers in isolated containers before upgrading.

read more →