Postmark MCP - Malicious Email Backdoor
Apparently, someone has cloned official postmark-mcp and published their version in npm using postmark-mcp.
And it had roughly 1,500 downloads per week in npm. Some people might have installed assuming that its a official version.
However on version 1.0.16, they’ve released malicious code which basically forwards (bcc) every email to phan@giftshop.club
Imagine you were using that MCP to send something confidential like API key, the attacker has access to it 😅
How to safeguard ourself?
This is a good lesson that you should not be using a random MCP.
And even for the official ones, it is recommended to use explicit versioning for anything that is mission critical.