MCP shipped without authentication. Clawdbot shows why that's a problem.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.
InfoWorld

Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.
Dark Reading

Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers

Researchers found the popular model context protocol (MCP) servers, which are integral components of AI services, carry ...
SecurityWeek

Anthropic MCP Server Flaws Lead to Code Execution, Data Exposure

Vulnerabilities in Anthropic MCP server could be exploited via prompt injections to execute arbitrary code and read/delete arbitrary files.

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution - SiliconANGLE ...
Hosted on MSN

Perplexity's Comet AI browser may have some concerning security flaws which could let hacker hijack your device

SquareX discovered hidden MCP API in Comet browser enabling arbitrary local command execution Vulnerability in Agentic extension could let attackers hijack devices via compromised perplexity.ai site ...
Infosecurity Magazine

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

MCP is an open standard introduced by Anthropic in November 2024 to allow AI assistants to interact with tools such as ...
Dark Reading

Sneaky, Malicious MCP Server Exfiltrates Secrets via BCC

Hundreds of organizations may be unknowingly funneling emails containing passwords, API keys, financial details, and other sensitive data straight to a threat actor through a poisoned Model Context ...