A backdoored npm module has exposed sensitive emails by copying them to a threat actor's server. Researchers from Koi revealed that the attacker inserted malicious code into a widely used tool that connects AI agents with email services. The malicious version of the package, postmark-mcp, introduced a hidden BCC instruction that routed all emails to an external address. Approximately 1,500 organizations downloaded the package, and an estimated 300 of them potentially exposed sensitive communications, including password resets and confidential documents.

This incident underscores a significant threat within the npm ecosystem, which has seen a rise in supply chain attacks in which attackers upload seemingly legitimate packages. Although the malicious module has been removed, systems still using it remain vulnerable. With many organizations using Model Context Protocol (MCP) servers for AI integrations, experts stress the importance of vigilance and thorough vetting of software to prevent such risks. Staying paranoid is essential in today's cybersecurity landscape.
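Because systems that still have the package installed remain exposed after its removal, one practical check is to look for it in each project's lockfile. The following is an added example, not code from Koi or from the package: `findPackage` and the sample lockfiles are constructed for illustration, and since the article gives no version numbers the function reports every installed version for comparison against the researchers' advisory.

```javascript
// Added example: find every install of a named package in a parsed package-lock.json.
// Handles lockfileVersion 2/3 (flat "packages" map) and 1 (nested "dependencies").
function findPackage(lock, name) {
  const hits = [];
  const marker = "node_modules/";
  if (lock.packages) {
    // v2/v3 keys look like "node_modules/a/node_modules/b"; "" is the root project.
    for (const [path, meta] of Object.entries(lock.packages)) {
      const idx = path.lastIndexOf(marker);
      if (idx === -1) continue;
      // Exact match on the final path segment, so "postmark" or
      // "postmark-mcp-docs" are not reported as "postmark-mcp".
      if (path.slice(idx + marker.length) === name) {
        hits.push({ path, version: meta.version || null });
      }
    }
    return hits; // v2 also carries "dependencies"; skip it to avoid duplicates
  }
  // v1: transitive installs are nested under each dependency.
  const walk = (deps, trail) => {
    for (const [dep, meta] of Object.entries(deps || {})) {
      const path = trail + marker + dep;
      if (dep === name) hits.push({ path, version: meta.version || null });
      walk(meta.dependencies, path + "/");
    }
  };
  walk(lock.dependencies, "");
  return hits;
}

// Constructed sample lockfiles; names other than postmark-mcp and all versions are placeholders.
const sampleV3 = {
  lockfileVersion: 3,
  packages: {
    "": { name: "mail-agent", version: "1.0.0" },
    "node_modules/postmark": { version: "0.0.0-example" },
    "node_modules/agent-kit/node_modules/postmark-mcp": { version: "0.0.0-example" },
  },
};
const sampleV1 = {
  lockfileVersion: 1,
  dependencies: {
    "agent-kit": { version: "0.0.0-example",
      dependencies: { "postmark-mcp": { version: "0.0.0-example" } } },
    "postmark-mcp-docs": { version: "0.0.0-example" },
  },
};

console.log(findPackage(sampleV3, "postmark-mcp"));
console.log(findPackage(sampleV1, "postmark-mcp"));
```

To run it against a real project, pass the result of `JSON.parse` on the contents of `package-lock.json`; a hit buried under another package's `node_modules` path means the dependency arrived transitively.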