OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...

Ox安全研究团队表示，他们曾多次要求Anthropic从根本上修复这一问题，但均遭拒绝。Anthropic方面坚称该协议运行正常，尽管已有10个与MCP相关的开源工具和AI智能体获得了高危或严重级别的CVE编号。Ox认为，一次根本性的架构修复，原本可以降低总下载量超过1.5亿次的软件包所带来的安全风险，并保护数百万下游用户。

The AI company Anthropic, which was founded in 2021 by former OpenAI employees, has developed the Model Context Protocol (MCP) with the aim of standardizing communication between Large Language Models ...

IT之家 4 月 16 日消息，网络安全公司 OX Security 昨日（4 月 15 日）发布报告，披露 Anthropic 的 MCP（模型上下文协议）存在设计缺陷，可导致远程代码执行。该设计缺陷影响范围极广，导致超过 20 万台 AI 服务器面临远程代码执行风险。IT之家注：MCP 全称为 Model Context Protocol，是 Anthropic 公司于 2024 年 11 月 ...

Cybersecurity researchers have discovered a critical "by design" weakness in the Model Context Protocol's (MCP) architecture ...

Microsoft's AI Toolkit extension for VS Code now includes a Tool Catalog that can scaffold a Python or TypeScript MCP server with the core transport and registration plumbing already set up. In ...

智东西4月17日消息， 4月15日以色列网络安全公司OX Security发布研究报告，指出Anthropic主导开发和维护的模型上下文协议（MCP）存在架构级安全漏洞。该漏洞已影响超过3.2万个代码仓库，超20万台服务器存在潜在暴露风险，攻击者可借此直接窃取用户数据、数据库、API密钥及聊天记录。

Unsafe defaults in MCP configurations open servers to possible remote code execution, according to security researchers who have found exploitable instances in many commercial services and open-source ...

MCP Server enables AI agents to handle a full range of data-driven queries of Data Commons data sources, from initial discovery to generative reports, Google said. Looking to make public data access ...