The Hacker News

Anthropic MCP Design Vulnerability Enables RCE, Threatening AI Supply Chain

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Critical flaw in Protobuf library enables JavaScript code execution

Proof-of-concept exploit code has been published for a critical remote code execution flaw in protobuf.js, a widely used ...
CSO Online

RCE by design: MCP architectural choice haunts AI agent ecosystem

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who ...