Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code execution - SiliconANGLE ...
InfoWorld

Three vulnerabilities in Anthropic Git MCP Server could let attackers tamper with LLMs

Update to the latest version and monitor for unexpected .git directories in non-repository folders, developers are told.
Dark Reading

Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers

Researchers found the popular model context protocol (MCP) servers, which are integral components of AI services, carry ...
The Hacker News

CISA Warns of Active Exploitation of Gogs Vulnerability Enabling Code Execution

CISA warns that hackers are actively exploiting a high-severity flaw in Gogs that can lead to remote code execution; no patch ...
Infosecurity Magazine

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

MCP is an open standard introduced by Anthropic in November 2024 to allow AI assistants to interact with tools such as ...
Security Boulevard

Threat Actor Teases Source Code for Sale After Hack of Target Systems

Hackers posted online what they said were samples of about 860 GB of internal source code, developer documentation, and other ...

Alleged Leak of Target’s Internal Code Sparks Alarm Across Cybersecurity Community

Concerns are mounting around U.S. retail giant Target after a cybercriminal claimed to be selling internal company source ...

Target's dev server offline after hackers claim to steal source code

Hackers are claiming to be selling internal source code belonging to Target Corporation, after publishing what appears to be ...
The Register on MSN

Anthropic quietly fixed flaws in its Git MCP server that allowed for remote code execution

Prompt injection for the win Anthropic has fixed three bugs in its official Git MCP server that researchers say can be ...
CSO Online

Contagious Interview turns VS Code into an attack vector

Threat actors behind the campaign are abusing Microsoft Visual Studio Code’s trusted workflows to execute and persist ...

CISA orders feds to patch Gogs RCE flaw exploited in zero-day attacks

CISA has ordered government agencies to secure their systems against a high-severity Gogs vulnerability that was exploited in ...