Taggart :donor: @mttaggart@infosec.exchange
Public

Oh look, another MCP vuln (or 3) from failure to sanitize input.

You and I both know how these are getting written. You and I both know the training material is not vetted for secure code. This will not stop and will only get worse. Even if companies had an incentive to create a model that optimizes for secure code (they don't), sourcing a training corpus would be next to impossible.

(h/t @AAKL)

cyata.ai/blog/cyata-research-b

Cyata Research: Breaking Anthropic's Official MCP Server - Cyata | The Control Plane for Agentic Identity

How We Found Code Execution in Anthropic’s Official Git MCP Server TL;DR What happened: Cyata discovered three security vulnerabilities in mcp-server-git, the official Git MCP server maintained by Anthropic. These flaws can be exploited through prompt injection, meaning an attacker who can influence what an AI assistant reads (a malicious README, a poisoned issue description, […]

cyata.ai · Cyata | The Control Plane for Agentic Identity

0
0
0

If you have a fediverse account, you can quote this note from your own instance. Search https://infosec.exchange/users/mttaggart/statuses/115928485156914571 on your instance and quote it. (Note that quoting is not supported in Mastodon.)