200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

AI tool poisoning exposes a major flaw in enterprise agent security

Discovery binding: The proxy validates that the tool being invoked matches the tool whose behavioral specification the agent ...

Anthropic response to 1-click pwn: Shouldn't have clicked 'ok'

The TrustFall proof-of-concept attack demonstrates how a cloned code repository can include two JSON files (.mcp.json and ...
Security Boulevard

The Half of Agent Security You’re Not Governing

The governance of AI agents faces a fundamental asymmetry: while MCP servers provide structured logs, the "Skills" that drive agent reasoning remain forensic black holes. As high-risk ...
Bleeping Computer

Latest Prompt Injection news

Using only natural language instructions, researchers were able to bypass Google Gemini's defenses against malicious prompt injection and create misleading events to leak private Calendar data. With ...
Hosted on MSN

Contagious Claude Code bug Anthropic ignored promptly spreads to Cowork

Anthropic's tendency to wave off prompt-injection risks is rearing its head in the company's new Cowork productivity AI, which suffers from a Files API exfiltration attack chain first disclosed last ...

Operant AI Launches Endpoint Protector: Securing Shadow AI, Coding Agents, and MCP Across the Enterprise

Operant AI, the leader in AI security, today announced the launch of Operant Endpoint Protector, a new addition to its AI Defense Platform that lets enterprise IT and security teams discover, detect, ...

How indirect prompt injection attacks on AI work - and 6 ways to shut them down

How indirect prompt injection attacks on AI work - and 6 ways to shut them down ...