2 matches found
Malicious Package
Overview postmark-mcp is a malicious package. This is an MCP Model Context Protocol server intended to let AI assistants send emails via Postmark and it was reportedly modified to secretly exfiltrate email contents by adding a blind-copy BCC to an external domain. Note: If you have installed or...
PT-2024-10069
Name of the Vulnerable Software and Affected Versions mutt and neomutt affected versions not specified Description The issue is related to PGP encryption in mutt and neomutt, where the --hidden-recipient mode is not used. This may lead to the leakage of the Bcc email header field by inferring fro...