Backdoored NPM Module Sent Sensitive Mail Copies to Threat Actor. A patient hacker hooked victims by building a reliable tool integrated into hundreds of developer workflows that connects artificial intelligence agents with an email platform. The unidentified software engineer published 15 flawless versions until he slipped in code copying users’ emails.
First seen on govinfosecurity.com
Jump to article: www.govinfosecurity.com/mcp-developer-executes-sneaky-heel-turn-by-copying-emails-a-29601
