MCP attack abuses predictable session IDs to hijack AI agents

updated A security flaw in the Oat++ implementation of Anthropic's Model Context Protocol (MCP) allows attackers to predict ...
HealthcareInfoSecurity

Hackers Exploit LFI Flaw in File-Sharing Platforms

Hackers are exploiting a flaw allowing them to access without authentication document root folder files in file-sharing and ...
heise online

Attack via GitHub MCP server: Access to private data

A blog post by AI security company Invariant Labs shows that the official GitHub MCP server (Model Context Protocol) can invite prompt injection attacks. In a proof of concept, an attacker used a ...
SlashGear

Your Plex Server Might Be At Risk Of Getting Banned (Here's What You Can To Do Prevent It)

In February 2024, multiple Reddit users claimed their Plex accounts had been wrongly banned, with some sharing screenshots of the emails they received from Plex that stated the reason for the ban: ...