CSOonline

Critical RCE flaw in Anthropic’s MCP inspector exposes developer machines to remote attacks

A misconfigured default in the MCP inspector tool allows attackers to execute arbitrary commands via CSRF and legacy browser flaws, posing serious risks to AI developers and enterprise systems. A ...
CSOonline

Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges

Anthropic didn’t dispute the security report, but suggested it would only be caused by user error, where users deliberately installed the tools and granted the appropriate permissions. When LayerX ...