A fake npm package stole sensitive data by secretly BCCing emails to an attacker's address.
A malicious npm package named "postmark-mcp" impersonated a legitimate Postmark tool, secretly BCCing thousands of emails daily to an attacker-controlled address.
The fake package, downloaded around 1,500 times in a week, exploited the open Model Context Protocol (MCP) ecosystem to steal sensitive data, including password resets and financial details.
Security researchers traced the backdoor to a single line of code in a package otherwise based on Postmark's legitimate GitHub code, routing emails to "phan@giftshop[.]club".
The incident, linked to a compromised MCP server, exposed systemic risks in open-source dependencies and AI tool integration.
GitHub is responding by tightening npm security with shorter token lifetimes and mandatory two-factor authentication for publishing.
Postmark and ActiveCampaign confirmed no involvement and urged users to remove the package, review logs, and rotate credentials.