English
English Indonesia Türkçe Deutsch Español Português Pусский Français Italiano Nederlands Polski العربية ไทย Tiếng Việt 繁體中文 简体中文 日本語 한국어

#mcpvulnerabilities search results

b_zheimer's profile picture. Pourquoi tombons nous Bruce ?
Batman 𓅓
 @b_zheimer
11 h

Et ya aussi l'aspect injection/tool poisoning. Les fonctions de ton mcp peuvent être détournées à l'insu de l'utilisateur, plus ça permet de faire de chose plus c'est dangereux

0
0
0
0
15
Checkmarx's profile picture. Checkmarx is how the world’s largest enterprises can finally get ahead of application risk without slowing down development.
Checkmarx
@Checkmarx
12 h

MCP is quickly becoming the “USB-C” of AI agents, standardising how models connect to tools, data, and systems. But that also creates a completely new security surface far beyond traditional AppSec. Tal Folkman and Ricardo Goncalves break down 11 emerging MCP risks: prompt…

Checkmarx's tweet image. MCP is quickly becoming the “USB-C” of AI agents, standardising how models connect to tools, data, and systems. But that also creates a completely new security surface far beyond traditional AppSec. Tal Folkman and Ricardo Goncalves break down 11 emerging MCP risks: prompt…
Checkmarx's tweet image. MCP is quickly becoming the “USB-C” of AI agents, standardising how models connect to tools, data, and systems. But that also creates a completely new security surface far beyond traditional AppSec. Tal Folkman and Ricardo Goncalves break down 11 emerging MCP risks: prompt…
Checkmarx's tweet image. MCP is quickly becoming the “USB-C” of AI agents, standardising how models connect to tools, data, and systems. But that also creates a completely new security surface far beyond traditional AppSec. Tal Folkman and Ricardo Goncalves break down 11 emerging MCP risks: prompt…
0
0
0
0
63
zahidsharp's profile picture. Building the Future of AI Workforce | Founder at Jutsu | Autonomous Agents | Driving Agent Development | OrangeDAO W24
Zahidul Islam
@zahidsharp
13 h

Architecting secure enterprise AI agents with MCP MCP is becoming the standard way to connect AI agents to tools, APIs, and internal systems — but it’s also becoming a high-value attack surface. Recent incidents show why: - A malicious MCP server on npm quietly exfiltrated…

zahidsharp's tweet image. Architecting secure enterprise AI agents with MCP MCP is becoming the standard way to connect AI agents to tools, APIs, and internal systems — but it’s also becoming a high-value attack surface. Recent incidents show why: - A malicious MCP server on npm quietly exfiltrated…
0
0
0
0
32
ctbbpodcast's profile picture. A 'by Hackers for Hackers' podcast focused on technical bug bounty content. Exploits, techniques, stories, bounties. Hosts: @rhynorater, @rez0__, @gr3pme
Critical Thinking - Bug Bounty Podcast
@ctbbpodcast
15 h

1- MCP traffic is just JSON-RPC over stdio/HTTP/SSE. It’s dead simple to spoof or replay, so treat the client/server boundary as an actual attack surface. 2- The init handshake exposes an instructions field that often gets merged into the system-prompt. That’s a direct…

0
0
3
3
446
ctbbpodcast's profile picture. A 'by Hackers for Hackers' podcast focused on technical bug bounty content. Exploits, techniques, stories, bounties. Hosts: @rhynorater, @rez0__, @gr3pme
Critical Thinking - Bug Bounty Podcast
@ctbbpodcast
15 h

Recently we dropped an episode on hacking MCP setups. If you’re hunting on programs that use MCP-style interfaces, here are a few things worth keeping in mind:

ctbbpodcast's tweet image. Recently we dropped an episode on hacking MCP setups. If you’re hunting on programs that use MCP-style interfaces, here are a few things worth keeping in mind:
1
0
16
8
931
polyglotengine1's profile picture. Twitter account for the Polyglot Engineer channel
polyglotengineer
 @polyglotengine1
18 h

MCP Is Broken and Anthropic Just Admitted It by Cordero Core medium.com/p/mcp-is-broke…

0
0
0
0
6
opcito's profile picture. Product engineering experts specializing in #DevOps #DevSecOps #Containers #Cloud #Automation, Test Engineering, & Open Source Tech contact@opcito.com
Opcito
 @opcito
Nov 24

Teams are adopting #ModelContextProtocol fast, but many deployments still ship with weak guardrails and misconfigured access. This blog breaks down what’s going wrong and the security controls that actually matter in production. Read more: opcito.com/blogs/mcp-secu… #MCP #MCPServer

opcito's tweet image. Teams are adopting #ModelContextProtocol fast, but many deployments still ship with weak guardrails and misconfigured access. This blog breaks down what’s going wrong and the security controls that actually matter in production. Read more: opcito.com/blogs/mcp-secu… #MCP #MCPServer
0
0
0
0
21
linkangd's profile picture.
linkangd
 @linkangd
Nov 24

Thrilled to share our #ACMCCS #WPES25 paper: "MSA: A Cross-MCP Privacy Attack via Memory Exfiltration of Large Language Models." Malicious MCP servers steal session data. Tests on Cursor, TRAE, VS Code: 100% exfil success, 85-88% recon accuracy! #AISecurity #LLM #Privacy

linkangd's tweet image. Thrilled to share our #ACMCCS #WPES25 paper: "MSA: A Cross-MCP Privacy Attack via Memory Exfiltration of Large Language Models." Malicious MCP servers steal session data. Tests on Cursor, TRAE, VS Code: 100% exfil success, 85-88% recon accuracy! #AISecurity #LLM #Privacy
1
0
0
0
95
diptanu's profile picture. Founder @tensorlake. Past - AI and Distributed Systems at @meta, @hashicorp, @linkedin, and @netflix
Diptanu Choudhury
@diptanu
Nov 24

I have heard a good argument last week in favor of MCP - The attack vector they expose is very limited vs making agents use code gen to access an API. However that applies to reading information from APIs aka useful for chat/deep research agents.

0
0
1
0
33
liran_tal's profile picture. 🧠 MCP 🍩 Socially Engineering LLM 🤖 Hacking AI Agents 🦄 Node.js Secure Coding 🌟 @GitHub Star 🏅 @OpenJS Pathfinder award for Security 🥑 DevRel @snyksec
Liran Tal
 @liran_tal
Nov 24

yet another MCP server repository with vulnerable code, yet the maintainer is unresponsive to my security request ooofff :( github.com/EmilyThaHuman/…

liran_tal's tweet card. database-mcp. Contribute to EmilyThaHuman/database-mcp development by creating an account on GitHub.
GitHub - EmilyThaHuman/database-mcp: database-mcp
Source: github.com
1
0
5
0
494
FrankhHQ's profile picture. Building a portfolio to freedom. https://t.co/oWNRHZVOmU https://t.co/noZRw135Uk WheealaDeal Teknifai Sharing my journey.
Frank H
@FrankhHQ
Nov 22

The core issue is the abuse of MCP—a protocol designed for interoperability. It shows how new AI infrastructure, built for convenience and power, creates unintended backchannels. This will force a security-first rethink of how these foundational protocols are designed.

0
0
0
0
43
MultiLLM's profile picture. Ask anything and MultiLLM gets you multiple perspectives and the best answer. MultiLLM uses the collective intelligence of multiple LMs to get the best answers.
MultiLLM
@MultiLLM
Nov 22

⭕️ Check out MultiLLM debate this new paper "TRIVIAL TROJANS : H OW MINIMAL MCP S ERVERS ENABLE": ⭕️ Consensus Statement: All reviewers agree that the paper spotlights a real vulnerability in MCP: unrestricted cross-server tool composability and weak protocol safeguards can…

MultiLLM's tweet image. ⭕️ Check out MultiLLM debate this new paper "TRIVIAL TROJANS : H OW MINIMAL MCP S ERVERS ENABLE": ⭕️ Consensus Statement: All reviewers agree that the paper spotlights a real vulnerability in MCP: unrestricted cross-server tool composability and weak protocol safeguards can…
0
0
0
0
13
liran_tal's profile picture. 🧠 MCP 🍩 Socially Engineering LLM 🤖 Hacking AI Agents 🦄 Node.js Secure Coding 🌟 @GitHub Star 🏅 @OpenJS Pathfinder award for Security 🥑 DevRel @snyksec
Liran Tal
 @liran_tal
Nov 22

reporting CVEs is hard and this MCP server might get used without users aware of the security vulnerability I found because maintainer isn't responding... github.com/donghao1393/mc…

liran_tal's tweet card. --> July 26 communication: Hi, Can you please enable Private Vulnerability Report in this repository settings so I can disclose a security issue for this project? --> September 20 update: Imp...
Improper Access Control results in bypassing a "read-only" mode for mcp-dbutils MCP Server · Issue...
Source: github.com
1
1
3
1
322
karamdebly's profile picture. God, family, work, tech, beauty, health, and humour. Syriac Maronite diaspora. 3rd generation Canadian.
Karam
@karamdebly
Nov 21

might be time to re-think mcp. here's the warning from claude code:

karamdebly's tweet image. might be time to re-think mcp. here's the warning from claude code:
0
0
0
0
432
PariseauTT's profile picture. Senior News Writer, @InformaTTGT $TTGT. Thoughts here are my own. beth.pariseau at informatechtarget dot com @BPariseau@hachyderm.io
Beth Pariseau
 @PariseauTT
Nov 21

An update to #MCP marks an important step toward secure, personalized #AI, but also shows that significant work remains to secure #AIagents. My writeup: techtarget.com/searchsoftware… #MCP #AIgovernance #AIsecurity #AIagentsecurity #OAuth @TryArcade

PariseauTT's tweet card. An update to Model Context Protocol scheduled for Nov. 25 will add authorization for agents on behalf of users without involving an LLM.
MCP OAuth update adds security for personalized AI | TechTarget
Source: techtarget.com
0
1
3
0
162
SpecterOps's profile picture. Creators of BloodHound | Experts in Adversary Tradecraft | Leaders in Identity Attack Path Management
SpecterOps
 @SpecterOps
Nov 21

AI tooling and MCP servers are entering enterprises fast, often faster than security teams can assess the risks. During a recent engagement, @_xpn_ found a new Claude Code vuln (CVE-2025-64755) while exploring MCP abuse paths. 👀 Read the details ↓ ghst.ly/49ybl4W

SpecterOps's tweet card. This blog post explores a bug, (CVE-2025-64755), I found while trying to find a command execution primitive within Claude Code to demonstrate the risks of web-hosted MCP to a client.
An Evening with Claude (Code) - SpecterOps
Source: specterops.io
0
15
50
28
6K
jitterbit's profile picture. For organizations ready to innovate, Jitterbit's unified AI-infused low-code platform accelerates integration, orchestration, automation, and app development.
Jitterbit
 @jitterbit
Nov 21

MCP is rapidly reshaping how #AI connects to real-world tools and data — but its #security gaps are too big for enterprises to ignore. Our blog breaks down where #MCP falls short today and what must change before it can be deployed safely at scale. ➡️ ow.ly/9g7K50XvMF0

jitterbit's tweet card. MCP enables unprecedented connectivity, which has driven widespread and rapid adoption. But this connectivity represents a double-edged sword.
The Security Gaps Still Holding MCP Back from Enterprise Adoption | Jitterbit
Source: jitterbit.com
0
0
0
0
34
ITPro's profile picture. We provide the most comprehensive content to aid B2B IT decision making. Sign up to our NL https://t.co/Wb6iUyQhvV – & join us on LinkedIn https://t.co/LHjgdWbwr0
ITPro
 @ITPro
Nov 21

MCP servers are quickly becoming the backbone of AI-enabled development, connecting models to the real systems your teams rely on. This ebook details the risks #promo itpro.com/infrastructure…

ITPro's tweet card. Securing the MCP Servers Ecosystem Ebook
Securing the MCP Servers Ecosystem Ebook
Source: itpro.com
0
0
0
0
82
No results for "#mcpvulnerabilities"

Something went wrong.


Something went wrong.


United States Trends