Abi Raghuram
@AbiCodeIntegrit
Working on guardrails for AI systems
We got @NotionHQ to leak your private Notion pages 💀 On Thursday @NotionHQ announced Notion 3.0 with support for custom agents using MCP (built by @AnthropicAI) — powerful, but dangerous. @simonw calls these MCP related attacks the “lethal trifecta”: the combination of LLMs,…
Official Azure MCP exploited to leak user's key vault secrets to attackers - tramlines.io/blog/azure-mcp…
Official Azure MCP exploited to leak user's KeyVault secrets to attackers - tramlines.io/blog/azure-mcp…
Official Azure MCP can leak user's Keyvault secrets to external attacker - tramlines.io/blog/azure-mcp…
Official Neon MCP exploit where attackers can exfiltrate user DB data and trigger unauthorized actions. -tramlines.io/blog/neon-offi…
Shortwave AI Email's MCP integration exploited: attackers exfiltrate users’ emails and other confidential data by hijacking MCPs. - tramlines.io/blog/why-short…
Why Shortwave.com AI Email with MCP integration Is a Phisher’s White Whale - tramlines.io/blog/why-short…
Our team found numerous exploits in the official Neon MCP, where attackers can embed malicious prompts in Neon database tables and trigger unauthorized malicious Neon MCP actions.
Our team found numerous exploits in the official Neon MCP, where attackers can embed malicious prompts in Neon database tables and trigger unauthorized malicious Neon MCP actions.
Our team found numerous exploits in the official Neon MCP, where attackers can embed malicious prompts in Neon database tables and trigger unauthorized actions.
x.com/wycats/status/… Tramlines.io publicly disclosed an exploit we found in the official Heroku MCP server today, which @wycats from Heroku felt wasn’t cool to disclose publicly and claimed we did it for “virality.” My guy, we’re in the business of powering…
First of all, I want to say that we took this extremely seriously internally. I personally spent several days really digging into the potential exploit vector and we had multiple security folks working to characterize the threat model.
Our team found a critical exploit with the official Heroku MCP where a user can inject a GET request to any hosted Heroku app and maliciously transfer ownership of the Heroku app to themselves. - tramlines.io/blog/heroku-mc…
Our team found a critical exploit with the official Heroku MCP where a user can inject a GET request to any hosted Heroku app and maliciously transfer ownership of the Heroku app to themselves. - tramlines.io/blog/heroku-mc…
United States เทรนด์
- 1. Cloudflare 232K posts
- 2. Gemini 3 32.8K posts
- 3. Saudi 149K posts
- 4. Jamal Khashoggi 6,828 posts
- 5. Salman 44.2K posts
- 6. #AcousticPianoCollection 1,338 posts
- 7. Piggy 72.4K posts
- 8. Robinhood 4,540 posts
- 9. Olivia Dean 4,341 posts
- 10. Pat Bev N/A
- 11. Antigravity 3,530 posts
- 12. Merch 66K posts
- 13. CAIR 28.7K posts
- 14. #LaSayoSeQuedóGuindando 1,805 posts
- 15. La Chona 1,907 posts
- 16. Taco Tuesday 15.9K posts
- 17. #MSIgnite 1,123 posts
- 18. #UnitedNationsBarbie 1,456 posts
- 19. Lane Kiffin 15.6K posts
- 20. Presidential Walk of Fame 4,213 posts
Something went wrong.
Something went wrong.