This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application.
MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for a range of attacks. We demonstrate these risks in practice through three proof-of-concept (PoC) examples conducted within the coding copilot, and discuss strategies for effective prevention.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Budworm: APT Group Uses Updated Custom Tool in Attacks on Government and Telecoms Org
September 28, 2023
The Budworm advanced persistent threat (APT) group continues to actively develop its toolset. Most recently, the Threat Hunter Team in Symantec, part of Broadcom, discovered Budworm using an updated version of one of its key tools to target a Middle Eastern telecommunications organization and an Asian government. Both attacks occurred in August 2023. Budworm (aka LuckyMouse, ...
- Ransomware group demands $51 million from Johnson Controls after cyber attack
September 28, 2023
Johnson Controls, a multinational conglomerate that secures industrial control systems, security equipment, fire safety and air conditioning systems, has been hit by a massive cyber attack. The company, which employs over 100,000 people around the world, suffered a ransomware attack over the weekend which left data encrypted and caused it to shut down sections of ...
- A cryptor, a stealer and a banking trojan
September 28, 2023
Last month Kaspersky researchers covered a wide range of cybercrime topics. For example, Kaspersky published a private report on a new malware found on underground forums that they call ASMCrypt (related to the DoubleFinger loader). But there’s more going on in the cybercrime landscape, so the researchers also published reports on new versions of the Lumma ...
- phpPgAdmin deserialization vulnerability
September 28, 2023
phpPgAdmin is an open-source, web-based administration tool for managing PostgreSQL, an advanced, enterprise-class, and open-source relational database system. phpPgAdmin is written in PHP and provides a user-friendly interface that allows users to perform various database management tasks. Users can create, modify, and delete databases, tables, and records through this interface, making it a valuable tool ...
- Indian Cyber Force Claims Responsibility for Cyber Attacks on Canadian Websites
September 28, 2023
A group of pro-India hackers on Wednesday claimed responsibility for bringing down the website of the Canadian Armed Forces for two hours. Following a diplomatic winter between India and Canada, the group, which identifies itself as Indian Cyber Force, warned of launching cyber attacks on Canadian websites on September 21. In the last few days, the ...
- Edinburgh Trams website offline following ‘cyber- attack’
September 28, 2023
An Edinburgh transport website has been taken offline after a “cyber attack”. Edinburgh Trams said on Thursday it was the victim of a “cyber crime” which has affected its website. Threat intelligence platform FalconFeeds said that international ransomware group NoName was behind the attack, and also targeted Swiftcard and Mersey Ferries Limited. Read more… Source: STV News