This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application.
MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for a range of attacks. We demonstrate these risks in practice through three proof-of-concept (PoC) examples conducted within the coding copilot, and discuss strategies for effective prevention.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CISA Releases Two Industrial Control Systems Advisories
September 5, 2023
CISA released two Industrial Control Systems (ICS) advisories on September 5, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-248-01 Fujitsu Limited Real-time Video Transmission Gear IP series Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- South Africa: Unprecedented cyber attacks target government entities
September 5, 2023
The incidence of spyware attacks has shown a significant surge of over 20% within South Africa with regard to 2023. The majority of these reported attacks have been concentrated on governmental websites and systems, thereby potentially engendering substantial instability to the national security framework of South Africa. The foundational principle of national security mandates that a ...
- UK: Electoral Commission failed basic security test before hack
September 5, 2023
The Electoral Commission has confirmed it failed a basic cyber-security test around the same time hackers gained entry to the organisation. A whistleblower told the BBC that the Commission was given an automatic fail during a Cyber Essentials audit. Last month the Commission revealed that “hostile actors” accessed its emails and potentially the data of 40 ...
- German Banking Regulator BaFin’s Website Hit by Cyber Attack
September 4, 2023
German banking regulator BaFin said its website has only been partially accessible since Friday after a so-called distributed denial of service attack. BaFin took security and defensive measures after the attack which also restrict access to the website, according to a spokeswoman. All of BaFin’s other systems are working without disruption, she said. Read more… Source: Yahoo! News
- Sweden: Significant increase in cyberattacks and they’re more advanced
September 4, 2023
Cyberattacks against Swedish authorities have increased in number and are more protracted and advanced, according to an investigation by Swedish Radio News. The Social Insurance Agency, Försäkringskassan, has seen such attacks double over three years, it says. Read more… Source: Radio Sweden
- Half of large Swiss firms have faced cyberattacks
September 4, 2023
A full 45 percent of companies in Switzerland counting 250 employees or more have already been hit by at least one cyberattack, according to the report. Based on a survey of 400 board members from both larger, listed companies and small and medium enterprises (SMEs), the study found that only 18 percent of firms with under ...