According to Koi Security, a legitimate-looking developer managed to slip rogue code into an npm package called " ...
The security researchers who discovered the malicious npm package called it the “first malicious MCP in the wild” ...