This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application.
MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for a range of attacks. We demonstrate these risks in practice through three proof-of-concept (PoC) examples conducted within the coding copilot, and discuss strategies for effective prevention.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Hackers stole hundreds of thousands of Roblox accounts
April 30, 2026
More than 610,000 Roblox accounts were reportedly stolen. Was yours or your child’s among them? Ukrainian police arrested three individuals in Lviv who allegedly orchestrated one of the largest Roblox account theft operations to date. Between October 2025 and January 2026, the hacking group is said to have compromised over 610,000 Roblox accounts, including at least 357 ...
- Nasty cPanel vulnerability probably exploited as a 0-day
April 30, 2026
Emergency patches are available for a critical vulnerability in cPanel and WHM that allows attackers to bypass authentication and gain root access to servers managed using it. Given that cPanel and WebHost Manager (WHM) control panel help manage properties for 70 million domains, by some estimates, and the critical severity of CVE-2026-41940 (9.8), the vulnerability is ...
- CISA flags data-theft bug in NSA-built OT networking tool
April 29, 2026
The Cybersecurity and Infrastructure Security Agency (CISA) is warning anyone who uses GrassMarlin, a tool developed by the National Security Agency (NSA), about a new vulnerability that attackers can use to snoop on sensitive information. First reported by Grady DeRosa, senior industrial pentester at Dragos, the weak spot affects all versions of GrassMarlin, a tool developed ...
- Have I Been Pwned claims Pitney Bowes hit by 8.2M email address leak
April 29, 2026
Logistics technology company Pitney Bowes, which makes franking machines for US postage, is the latest scalp claimed by ShinyHunters and its ongoing spree of pay-or-leak attacks against major organizations. Data breach tracker Have I Been Pwned (HIBP) confirmed the breach on April 27, with 8.2 million unique email addresses included in the dump alongside names, phone ...
- Medtronic says ShinyHunters hackers stole around 9 million medical records in latest attack
April 28, 2026
Medtronic, one of the biggest medical device manufacturers in the world, has confirmed suffering a cyberattack in which crooks “accessed data in certain Medtronic corporate IT systems.” In a security notification published on its website, Medtronic said the attack does not affect its customers or products, and also stressed it will continue operating as usual, without ...
- Don’t pay Vect a ransom – your data’s likely already wiped out
April 28, 2026
Organizations hit by the wave of Trivy and Lite LLM supply-chain compromises that paid Vect in hopes of recovering their data likely did not get much back, according to Check Point Research. That’s because the ransomware Vect uses isn’t actually ransomware at all, but a wiper that destroys any file larger than 128KB. Vect’s leak site ...