SShortSingh.
TopTechnologyAI & MLStartupsProgrammingScienceBusinessFinanceCrypto & Web3World
Back to feed
Programming

First malicious MCP server hid in one line of code, silently BCC'd user emails

0
·1 views

In September 2025, security researchers at Koi Security identified the first known malicious MCP server in the wild, found inside a popular npm package called postmark-mcp. The package had operated legitimately across 15 versions, accumulating around 1,500 weekly downloads, before its maintainer added a hidden Bcc field in version 1.0.16 on September 17, 2025. The change silently forwarded all agent-sent emails — including content, recipients, and attachments — to a domain controlled by the attacker, while the tool continued functioning normally. The package was downloaded 1,643 times before being removed from npm; Postmark confirmed it had no affiliation with the package. Security experts warn the incident exposes a broader risk in AI agent tooling, where a previously vetted dependency can turn hostile in a later update without any visible behavioral change.

Read the full story at DEV Community

This is an AI-generated summary. ShortSingh links to the original source for the complete article.

Discussion (0)

Log in to join the discussion and vote.

Log in

Related stories

0
ProgrammingDEV Community ·

Laravel's chunkById() Method Prevents Memory Crashes When Processing Large Datasets

Laravel applications processing large datasets often face severe memory pressure when using methods like get() or cursor(), which load all records into memory at once. The root cause is not insufficient hardware but the inefficient practice of pulling entire datasets into PHP memory simultaneously. Laravel's chunkById() method addresses this by fetching and processing records in predefined batches, clearing memory after each chunk before loading the next. This approach ensures the application never holds the full dataset in RAM, making it well-suited for long-running console commands, background jobs, and data migrations. Developers can further combine chunkById() with Eloquent aggregations such as withCount or withSum for more advanced, memory-safe data processing workflows.

0 comments Read more at DEV Community
0
ProgrammingDEV Community ·

Developer implements dark mode by remapping CSS variables instead of editing components

A developer added dark mode to an app containing roughly 1,200 hardcoded indigo and 2,600 hardcoded slate Tailwind class usages without modifying individual components. Instead of manually adding dark-mode variants to each component, they used two token-based strategies: replacing color names with a single brand token via a one-time codemod, and remapping Tailwind v4's slate color scale under a .dark CSS selector. Because Tailwind v4 already resolves utility classes through CSS variables, redefining those variables in the .dark scope caused every affected element across the codebase to flip automatically. The developer noted that a reversed color ramp requires careful handling of surface hierarchy and intentionally fixed colors for elements like dark CTAs and tooltips. The broader takeaway shared was that if a visual change requires editing many files, the property likely belongs in a design token rather than in component markup.

0 comments Read more at DEV Community
0
ProgrammingDEV Community ·

DeepScope Uses AI to Automate Full Research Report Generation in Minutes

A platform called DeepScope has developed an AI-powered pipeline capable of automatically generating structured research reports from a single input question. The system replicates the traditional research workflow — including query understanding, information gathering, analysis, and citation formatting — in approximately five minutes, compared to two to three hours manually. The technical stack involves multiple asynchronous agents handling search and analysis tasks in parallel, followed by a report generator that assembles summaries, sections, conclusions, and references. Developers have shared the underlying code architecture on DEV Community, detailing prompt templates and Python modules for each pipeline stage. The project highlights a growing trend of using large language models to automate knowledge-intensive document workflows.

0 comments Read more at DEV Community
0
ProgrammingDEV Community ·

How a 15,000-Delegate Riyadh Expo Got Real-Time Crowd Tracking via RFID and Edge Computing

A tech team built a live physical analytics dashboard for a large B2B exhibition in Riyadh, Saudi Arabia, serving approximately 15,000 delegates. Passive UHF RFID chips embedded in attendee lanyards were read by antenna arrays installed above doorways, generating thousands of location data points per second without manual scanning. To ensure reliability, edge computing nodes processed and deduplicated data locally using MQTT before asynchronously syncing to a central cloud database, insulating the system from network outages. A React frontend consumed this data over WebSockets to render sub-second live heatmaps and sponsor ROI metrics on an SVG venue map. The architecture highlights a broader shift toward edge-first IoT pipelines for high-density physical environments where cloud connectivity cannot be guaranteed.

0 comments Read more at DEV Community