Koi Security
- Researchers find malicious ‘postmark-mcp’ npm package that forwarded emails to attacker
Researchers say a malicious npm package named “postmark-mcp” copied an official library and, beginning with version 1.0.16, BCC’d every email to an external address, exposing potentially sensitive communications; the package has been removed from npm and users are urged to revoke credentials and check logs.
- Widespread Browser Hijacking Campaign Disguised as Popular Extensions
A report by Koi Security has exposed a malicious browser hijacking campaign that has infected over 2.3 million users through seemingly legitimate extensions, highlighting significant security concerns in the browser extension ecosystem.