First Malicious MCP Server Found Stealing Emails in Rogue Postmark-MCP Package

Cybersecurity researchers discovered a malicious npm package, “postmark-mcp,” that stole emails by forwarding them to a developer’s server. The package, a replica of the legitimate Postmark Labs library, was uploaded to npm on September 15, 2025, and attracted 1,643 downloads before being deleted. Developers are advised to remove the package, rotate credentials, and review email logs for suspicious activity.