
Anthropic's Model Context Protocol includes a critical remote code execution vulnerability — newly discovered exploit puts 200,000 AI servers at risk

Source: Tom's Hardware

TL;DR (AI generated)

Security researchers at OX Security discovered a critical remote code execution vulnerability in Anthropic's Model Context Protocol (MCP), affecting the official SDKs in Python, TypeScript, Java, and Rust. The flaw puts up to 200,000 AI servers at risk across a supply chain with over 150 million downloads. OX Security's research team identified multiple exploitation methods and proposed protocol-level fixes to Anthropic, which reportedly declined to patch, stating that the behavior was expected. The disclosure comes shortly after Anthropic launched Claude Mythos, a model aimed at identifying security vulnerabilities in other software, prompting calls for the company to address the vulnerabilities in its own infrastructure.


Similar Articles

How a cavalcade of blunders gave unauthorized users access to Claude Mythos — restricted model accessed by third parties, thanks to knowledge from data breach

Unauthorized users gained access to Anthropic's cybersecurity AI model, Claude Mythos, through a breach that exposed proprietary AI models. Despite Mythos' capabilities in finding vulnerabilities, it could not prevent unauthorized access via a third-party contractor. The breach stemmed from a hack at Mercor, which led to a chain of breaches involving third-party tools. The incident underscores that third-party suppliers and the human element remain a weak point in digital security. As AI tools like Mythos become more prevalent, robust access controls are increasingly crucial to prevent unauthorized access and data breaches.

Tom's Hardware
How SW and HW Vulnerabilities Can Complement LLM-Specific Algorithmic Attacks (UT Austin, Intel et al.)

A technical paper titled “Cascade: Composing Software-Hardware Attack Gadgets for Adversarial Threat Amplification in Compound AI Systems” by UT Austin, Intel Labs, Symmetry Systems, Microsoft, and Georgia Tech explores how software and hardware vulnerabilities can combine with LLM-specific algorithmic attacks to compromise the integrity of compound AI pipelines. The paper demonstrates two novel attacks that leverage system-level vulnerabilities along with algorithmic weaknesses to breach AI safety and confidentiality. By systematically analyzing attack primitives and mapping vulnerabilities to different stages of an attack lifecycle, the paper emphasizes the importance of addressing traditional vulnerabilities for robust defense strategies in the future.

SemiEngineering

From guardrails to governance: A CEO’s guide for securing agentic systems

The article provides a practical guide for CEOs on securing agentic systems by implementing strict controls on identity, tools, and data. It outlines an eight-step plan to govern agentic systems effectively, emphasizing the importance of constraining capabilities and controlling data and behavior. The guide advises treating agents as powerful, semi-autonomous users and enforcing rules at boundaries where they interact with various components. CEOs are encouraged to continuously evaluate and monitor these systems to ensure governance and resilience. The focus is on integrating AI security measures within existing security frameworks to manage risks effectively.

MIT Technology Review
As many as 2 million Cisco devices affected by actively exploited 0-day

A zero-day vulnerability affecting up to 2 million Cisco devices has been actively exploited, allowing attackers to remotely crash vulnerable systems or execute code on them. The vulnerability, tracked as CVE-2025-20352, exists in all supported versions of Cisco IOS and Cisco IOS XE, putting a wide range of networking devices at risk. It can be leveraged by low-privileged users for denial-of-service attacks, or by higher-privileged users to run code with root privileges. Cisco advises customers to upgrade to a patched software release; the flaw carries a severity rating of 7.7 out of 10.

Ars Technica