A popular MCP server in the NPM repository that was being downloaded 1,500 times a week suddenly began quietly copying emails and sending them to a C2 server after the developer inserted a line of code. Koi Security researchers said the incident highlights the security threats organizations are letting in through their blind trust of AI tools.
First seen on securityboulevard.com
Jump to article: securityboulevard.com/2025/09/malicious-mcp-server-found-quietly-stealing-emails/
