A newly discovered attack on the npm ecosystem has exposed a deceptive backdoor embedded in a malicious package impersonating Postmark. The package, named postmark-mcp, quietly siphoned off thousands of emails from unsuspecting developers and organizations, all with just one line of code. Over the course of 15 incremental releases, the threat actor behind postmark-mcp built […] The post Malicious Code in Fake Postmark MCP Server Steals Thousands of Emails appeared first on GBHackers Security | #1 Globally Trusted Cyber Security News Platform.
First seen on gbhackers.com
Jump to article: gbhackers.com/fake-postmark-mcp-server/
