INTERN(al) MSRC variant hunting: From multi-tenant authorization to Model Context Protocol
When security researchers submit a vulnerability report to MSRC, the Vulnerabilities and Mitigations V&M team reviews it, reproduces the issue, and determines severity. The team reviews all submissions from internal and external security researchers...
AI Explainer: What Is Model Context Protocol?
CVE-2025-64109
Cursor is a code editor built for programming with AI. In versions and below, a vulnerability in the Cursor CLI Beta allowed an attacker to achieve remote code execution through the MCP Model Context Protocol server mechanism by uploading a malicious MCP configuration in .cursor/mcp.json file in ...
CVE-2025-64109 Cursor CLI Beta: Command Injection via Untrusted MCP Configuration
Cursor is a code editor built for programming with AI. In versions and below, a vulnerability in the Cursor CLI Beta allowed an attacker to achieve remote code execution through the MCP Model Context Protocol server mechanism by uploading a malicious MCP configuration in .cursor/mcp.json file in ...
PT-2025-45063
Name of the Vulnerable Software and Affected Versions Cursor versions prior to 2025.09.17-25b418f Description Cursor is a code editor designed for programming with AI. A flaw in the Cursor CLI Beta could allow a remote attacker to execute code. This is possible through the Model Context Protocol...
When APIs Become Attack Paths: What the Q3 2025 ThreatStats Report Tells Us
Wallarm’s latest Q3 2025 API ThreatStats report reveals that API vulnerabilities, exploits, and breaches are not just increasing; they’re evolving. Malicious actors are shifting from code-level weaknesses to business logic flaws, from web apps to partner integrations, and from RE...
MCPGuard : Automatically Detecting Vulnerabilities in MCP Servers
The Model Context Protocol MCP has emerged as a standardized interface enabling seamless integration between Large Language Models LLMs and external data sources and tools. While MCP significantly reduces development complexity and enhances agent capabilities, its openness and extensibility...
Securing AI Agent Execution
Large Language Models LLMs have evolved into AI agents that interact with external tools and environments to perform complex tasks. The Model Context Protocol MCP has become the de facto standard for connecting agents with such resources, but security has lagged behind: thousands of MCP servers...
oatpp-mcp security feature issue vulnerability
oatpp-mcp is an Oat++ open source implementation of the Model Context Protocol. A security signature issue vulnerability exists in oatpp-mcp that stems from an MCP SSE endpoint returning an instance pointer as a session ID, which could lead to a session hijacking attack...
Toward Understanding Security Issues in the Model Context Protocol Ecosystem
The Model Context Protocol MCP is an emerging open standard that enables AI-powered applications to interact with external tools through structured metadata. A rapidly growing ecosystem has formed around MCP, including a wide range of MCP hosts i.e., Cursor, Windsurf, Claude Desktop, and Cline, M...
Severe Framelink Figma MCP Vulnerability Lets Hackers Execute Code Remotely
Cybersecurity researchers have disclosed details of a now-patched vulnerability in the popular figma-developer-mcp Model Context Protocol MCP server that could allow attackers to achieve code execution. The vulnerability, tracked as CVE-2025-53967 CVSS score: 7.5, is a command injection bug...
Another Critical RCE Discovered in a Popular MCP Server
Artificial Intelligence development is moving faster than secure coding practices, and attackers are taking notice. Imperva Threat Research recently uncovered and disclosed a critical Remote Code Execution RCE vulnerability CVE-2025-53967 in the Framelink Figma MCP Server. This is just one exampl...
EUVD-2025-14322
Malicious code in bioql PyPI...
EUVD-2025-19727
Malicious code in bioql PyPI...
EUVD-2025-19730
Malicious code in bioql PyPI...
PentestMCP: A Toolkit for Agentic Penetration Testing
Agentic AI is transforming security by automating many tasks being performed manually. While initial agentic approaches employed a monolithic architecture, the Model-Context-Protocol has now enabled a remote-procedure call RPC paradigm to agentic applications, allowing for the flexible constructi...
Microsoft Expands Sentinel Into Agentic Security Platform With Unified Data Lake
Microsoft on Tuesday unveiled the expansion of its Sentinel Security Information and Event Management (SIEM) solution into a unified agentic platform with the general availability of the Sentinel data lake. In addition, the tech giant said it's also releasing a public preview of Sentinel Graph and...
Malicious Package
Overview postmark-mcp is a malicious package. This is an MCP Model Context Protocol server intended to let AI assistants send emails via Postmark and it was reportedly modified to secretly exfiltrate email contents by adding a blind-copy BCC to an external domain. Note: If you have installed or...
CVE-2025-59834
ADB MCP Server is an MCP (Model Context Protocol) server for interacting with Android devices through ADB. In versions 0.1.0 and prior, the MCP Server is written in a way that is vulnerable to command injection as part of some of its MCP Server tool definition and implementatio...