CSOonline

Critical RCE flaw in Anthropic’s MCP inspector exposes developer machines to remote attacks

A misconfigured default in the MCP inspector tool allows attackers to execute arbitrary commands via CSRF and legacy browser flaws, posing serious risks to AI developers and enterprise systems. A ...
Dark Reading

Microsoft & Anthropic MCP Servers at Risk of RCE, Cloud Takeovers

The most popular trusted model context protocol (MCP) servers on the Web today contain severe cybersecurity vulnerabilities. The Internet of AI forming all around us is growing larger and more ...
CSOonline

Anthropic’s DXT poses “critical RCE vulnerability” by running with full system privileges

Anthropic didn’t dispute the security report, but suggested it would only be caused by user error, where users deliberately installed the tools and granted the appropriate permissions. When LayerX ...