A new malware is circulating in the npm ecosystem, stealing credentials and CI secrets and spreading autonomously.

A blog post by AI security company Invariant Labs shows that the official GitHub MCP server (Model Context Protocol) can invite prompt injection attacks. In a proof of concept, an attacker used a ...

In this article, we will explore the hot topic of securing AI-generated code and demonstrate a technical approach to shifting ...

What if you could spend less time on repetitive coding tasks and more time solving the problems that truly inspire you? The newly unveiled GitHub MCP Server promises to make this a reality. By ...

Today’s AI coding agents are impressive. They can generate complex multi-line blocks of code, refactor according to internal style, explain their reasoning in plain English, and more. However, AI ...

Threat actors could use prompt injection attacks to take advantage of three vulnerabilities in Anthropic’s official Git MCP server and cause mayhem with AI systems. This alert comes from researchers ...

The hyperscalers were quick to support AI agents and the Model Context Protocol. Use these official MCP servers from the major cloud providers to automate your cloud operations.

SmartLoader campaign spreading StealC via a trojanized Oura MCP server using fake GitHub forks to steal credentials and ...

Anthropic PBC’s official Git Model Context Protocol server has several security vulnerabilities that can lead to arbitrary file access and, in some scenarios, full remote code execution triggered ...

Anthropic patched Git MCP flaws enabling remote code execution via tool chaining Cyata discovered CVEs; fixed in version 2025.12.18, no exploitation reported yet Claude previously manipulated in cyber ...