MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
code
Search

One line of malicious npm code led to massive Postmark email heist

Monday September 29, 2025. 10:44 PM , from TheRegister
MCP plus open source plus typosquatting equals trouble
A fake npm package posing as Postmark's MCP (Model Context Protocol) server silently stole potentially thousands of emails a day by adding a single line of code that secretly copied outgoing messages to an attacker-controlled address.…
Read more at TheRegister
https://go.theregister.com/feed/www.theregister.com/2025/09/29/postmark_mcp_server_code_hijacked/

Related News

code New Claude Model Runs 30-Hour Marathon To Create 11,000-Line Slack Clone SlashdotSep 29
npm Escalation in Akira Campaign Targeting SonicWall VPNs, Deploying Ransomware, With Malicious Logins SlashdotSep 27
line What is infrastructure as code? Automating your infrastructure builds InfoWorldSep 26
mcp One of TikTok’s network boffins says it causes ‘massive data wastage’ TheRegisterSep 23
plus Web Codegen Scorer evaluates AI-generated web code InfoWorldSep 23
one DeepSeek AI’s code bias sparks alarm over politicized AI outputs and enterprise risk ComputerWorldSep 18
heist DeepSeek Writes Less-Secure Code For Groups China Disfavors SlashdotSep 18
email Microsoft Favors Anthropic Over OpenAI For Visual Studio Code SlashdotSep 17
malicious OpenAI's Teen Safety Features Will Walk a Thin Line Wired: Tech.Sep 16
led Gearbox CEO Randy Pitchford Tells Borderlands 4 Critics To 'Code Your Own Engine,' Calls It a Game For 'Premium Gamers' SlashdotSep 16
massive New AI-powered code intelligence platform speeds up modernization efforts BetaNewsSep 16
postmark Qwen Code is good but not great InfoWorldSep 16
code ChatGPT: Why do most of your users ask for help writing - prose, not code? TheRegisterSep 16
npm Down and out with Cerebras Code InfoWorldSep 15
line Open source Cloud Hypervisor adds (maybe futile) no-AI-code policy TheRegisterSep 15
mcp E-Bike Injuries Are a Massive Burden, Say Surgeons SlashdotSep 13
plus SK Hynix cranks up the HBM4 assembly line to prep for next-gen GPUs TheRegisterSep 12
one Hack to school: Parents told to keep their little script kiddies in line TheRegisterSep 12
heist ‘IT manager’ needed tech support because they had never heard of a command line TheRegisterSep 12
email VS Code 1.104 emphasizes AI model selection, agent security InfoWorldSep 12
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Current Date
Sep, Tue 30 - 06:16 CEST