The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Anthropic won't own MCP 'design flaw' putting 200K servers at risk, researchers say

A design flaw – or expected behavior based on a bad design choice, depending on who is telling the story – baked into ...
CSO Online

Critical sandbox bypass fixed in popular Thymeleaf Java template engine

The 9.1-CVSS vulnerability enables attackers to circumvent RCE protections in the de facto template engine for the Java ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...

Experts flag potentially critical security issues at heart of Anthropic MCP

Anthropic sees no issues - and says the tools are working as intended.
Infosecurity Magazine

Systemic Flaw in MCP Protocol Could Expose 150 Million Downloads

However, in a report published on April 15, researchers at Ox Security claimed that a flaw in the protocol could enable ...
The Maravi PostOpinion

No one above the law: Why MCP arrests reflect due process, not politics

BLANTYRE-(MaraviPost)-The recent arrests of several former Malawi Congress Party ministers and senior officials have ...
The Maravi Post

MCP’s Ken Msonda calls for support Mutharika’s DPP regime

LILONGWE-(MaraviPost)-A senior member of the Malawi Congress Party (MCP), Ken Msonda, has urged his fellow party members to ...

Keycloak 26.6 brings zero-downtime updates and workflows

The open-source IAM system Keycloak 26.6 promotes five features to production status – including federated client ...

Azul to Host AI4J: The Intelligent Java Conference on Building Production-Grade AI Systems with Java

Azul, the trusted leader in enterprise Java for today’s AI and cloud-first world, today announced AI4J: The Intelligent Java ...

Naftiko Launches Alpha of Open-Source Framework That Turns API Sprawl Into Governed Capabilities for AI

Large enterprises manage an average of 1,295 SaaS applications and over 14,000 internal APIs. PARIS, ÎLE-DE-FRANCE, ...
Dark Reading

AI Conundrum: Why MCP Security Can't Be Patched Away

Organizations rushing to connect their LLM-powered apps to external data sources and services using the Model Context Protocol (MCP) may be inadvertently creating attack surfaces that are ...