A malicious npm package<\/a> masquerading as the official Postmark MCP Server<\/a> has been exfiltrating user emails to an external server.\u00a0<\/p>\n This fake \u201cpostmark-mcp\u201d module, available on npm from versions 1.0.0 through 1.0.15, built trust over 15 incremental releases before dropping a backdoor in version 1.0.16.\u00a0<\/p>\n The stealthy payload consisted of a single line of code that silently BCC\u2019d every outbound email<\/a> to the attacker\u2019s domain.<\/p>\n According to Postmark the attacker published the \u201cpostmark-mcp\u201d package under the guise of ActiveCampaign\u2019s Postmark MCP Server library.\u00a0<\/p>\n By aligning naming, versioning, and package description with legitimate Postmark conventions, the malicious actor evaded cursory scrutiny.\u00a0<\/p>\n Developers integrating MCP services via npm install postmark-mcp unknowingly pulled in a trojanized dependency. In version 1.0.16, a lone line inserted into the main transport script added unauthorized BCC functionality:<\/p>\n This code snippet hooks into the existing Postmark client workflow, leveraging the addHeader method to duplicate outbound emails.\u00a0<\/p>\n Because the malicious line is syntactically innocuous and embedded alongside legitimate header setup logic, it escaped notice in code reviews and automated security scans.<\/p>\n Thousands of email messages exchanged between developers and their users were silently forwarded to the attacker\u2019s server.\u00a0<\/p>\n Although the legitimate Postmark API and official SDKs remain uncompromised, organizations relying on unverified third-party packages may have suffered unauthorized data leakage.<\/p>\n Postmark urges all users to immediately:<\/p>\n Postmark reaffirms<\/a> that it has never published a \u201cpostmark-mcp\u201d library on npm. The official packages and SDKs are listed in the Postmark documentation and GitHub repository.\u00a0<\/p>\n Users can verify package authenticity by checking the postmark and postmark.js libraries maintained at github.com\/ActiveCampaign\/postmark and consulting the API docs at Postmark\u2019s developer portal.<\/p>\n This incident highlights the critical importance of vetting third-party dependencies. Integrating only officially documented libraries ensures that your email infrastructure remains secure.<\/p>\n Follow us on Google News<\/a>, LinkedIn<\/a>, and X<\/a> for daily cybersecurity updates. Contact us<\/a> to feature your stories.<\/strong><\/p>\n The post Fake Postmark MCP Server Silently Stole Thousands of Emails With a Single Line of Malicious Code<\/a> appeared first on Cyber Security News<\/a>.<\/p>\n<\/div>\nPostmark-mcp BCC Email Exfiltration Attack<\/strong><\/h2>\n
![\"Fake](\"https:\/\/i0.wp.com\/cybersecuritynews.com\/wp-content\/uploads\/2025\/09\/image-199.png?resize=601%2C51&ssl=1\")
<\/figure>\n<\/div>\n\n
![\"Fake](\"https:\/\/i0.wp.com\/cybersecuritynews.com\/wp-content\/uploads\/2025\/09\/image-198.png?resize=328%2C43&ssl=1\")
<\/figure>\n<\/div>\n\n