This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application.
MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for a range of attacks. We demonstrate these risks in practice through three proof-of-concept (PoC) examples conducted within the coding copilot, and discuss strategies for effective prevention.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- How cybercrime is impacting SMBs in 2023
June 27, 2023
According to the United Nations, small and medium-sized businesses (SMBs) constitute 90 percent of all companies and contribute 60 to 70 percent of all jobs in the world. They generate 50 percent of global gross domestic product and form the backbone of most countries’ economies. In the past, the perception was that large corporations were more ...
- Why endpoint management is key to securing an AI-powered future
June 26, 2023
The chief information security officer (CISO) agenda has a new set of priorities. Hybrid work and the resultant architecture updates, so prevalent at the beginning of the pandemic, are no longer top of mind. Instead, the thinking is focused on tackling ever more sophisticated threats and integrating Zero Trust in a more nuanced fashion through ...
- CISA Adds Five Known Exploited Vulnerabilities to Catalog
June 23, 2023
CISA has added five new vulnerabilities to its Known Exploited Vulnerabilities Catalog, based on evidence of active exploitation. CVE-2023-32434 Apple Multiple Products Integer Overflow Vulnerability CVE-2023-32435 Apple iOS and iPadOS WebKit Memory Corruption Vulnerability Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency
- AI And Cybercrime Unleash A New Era Of Menacing Threats
June 23, 2023
Artificial intelligence (AI) is catching a lot of headlines recently. It doesn’t matter whether you’ve been paying attention to these headlines or not—chances are you’ve heard about the recent developments in the world of AI and the extraordinary feats these projects are accomplishing. Large language models (LLMs) like OpenAI’s ChatGPT, Microsoft’s Bing Chat and Google’s Bard ...
- IoT Under Siege: The Anatomy of the Latest Mirai Campaign Leveraging Multiple IoT Exploits
June 22, 2023
Since March 2023, Unit 42 researchers have observed threat actors leveraging several IoT vulnerabilities to spread a variant of the Mirai botnet. The threat actors have the ability to gain complete control over the compromised devices, integrating those devices into the botnet. These devices are then used to execute additional attacks, including distributed denial-of-service (DDoS) attacks. Read ...
- LockBit Green and phishing that targets organizations
June 22, 2023
In recent months, Kaspersky published private reports on a broad range of subjects. They wrote about malware targeting Brazil, about CEO fraud attempts, Andariel, LockBit and others. For this post, Kaspersky researchers selected three private reports, namely those related to LockBit and phishing campaigns targeting businesses, and prepared excerpts from these. Read more… Source: Kaspersky