According to Koi Security, a legitimate-looking developer slipped rogue code into an npm package called "postmark-mcp" that copied an official Postmark Labs library of the same name.