This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application.
MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for a range of attacks. We demonstrate these risks in practice through three proof-of-concept (PoC) examples conducted within the coding copilot, and discuss strategies for effective prevention.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- CISA Releases Five Industrial Control Systems Advisories
August 3, 2023
CISA released five Industrial Control Systems (ICS) advisories on August 3, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-215-01 Mitsubishi Electric GOT2000 and GOT SIMPLE ICSA-23-215-02 Mitsubishi Electric GT and GOT Series Products Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- CISA, NSA, FBI, and International Partners Release Joint CSA on Top Routinely Exploited Vulnerabilities of 2022
August 3, 2023
The U.S. Cybersecurity and Infrastructure Security Agency (CISA), National Security Agency (NSA), Federal Bureau of Investigation (FBI), and international partners are releasing a joint Cybersecurity Advisory (CSA), 2022 Top Routinely Exploited Vulnerabilities. This advisory provides details on the top Common Vulnerabilities and Exposures (CVEs) routinely exploited by malicious cyber actors in 2022, and the associated Common ...
- What’s happening in the world of crimeware: Emotet, DarkGate and LokiBot
August 3, 2023
The malware landscape keeps evolving. New families are born, while others disappear. Some families are short-lived, while others remain active for quite a long time. In order to follow this evolution, Kaspersky researchers rely both on samples that they detect and their monitoring efforts, which cover botnets and underground forums. While doing so, the researchers found ...
- Terrorism and cyber attack warning as 25 biggest threats facing Ireland revealed
August 3, 2023
Ireland faces an increased threat from terrorism and cyber-attacks – because we spend so little money on defence, the government has admitted. This year’s national risk assessment also finds that Ireland faces 25 different potential threats – from terrorism to financial instability, as well as climate change, AI and even housing problems. Read more… Source: Irish Mirror
- Cyberattacks targeting utility firms at ‘alarmingly high levels’
August 2, 2023
Utility firms such as electricity providers have become the new frontier for cyberattacks, reaching “alarmingly high levels” last year, the International Energy Agency (IEA) has warned. Russia’s invasion of Ukraine gave fresh impetus to cyber criminals to attack electricity grids and demand ransoms from energy companies scarcely able to defend themselves due to a cybersecurity ...
- Transcending Silos: Improving Collaboration Between Threat Intelligence and Cyber Risk
August 2, 2023
Cyber Threat Intelligence (CTI) and risk management have emerged as distinct disciplines, yet they share many similarities in their mission. Both approaches inform decision-making by providing high-quality insight on the most relevant threats and risks impacting organizations. Although risk and CTI teams approach this challenge from different vantage points, their underlying shared mission creates exciting ...