This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application.
MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for a range of attacks. We demonstrate these risks in practice through three proof-of-concept (PoC) examples conducted within the coding copilot, and discuss strategies for effective prevention.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Food giant Sysco confirms customer data stolen in cyberattack
May 10, 2023
Sysco detected the data breach in March but believes the threat actor began their attack in January, with business, employee and personal data stolen. Global food distributor Sysco has said that company data has been stolen as a result of a cyberattack earlier this year. The stolen information is believed to include business, customer, employee and personal ...
- After a Cyber Attack: Dos and Don’ts for Higher Education IT Staff
May 10, 2023
For most colleges and universities, it’s a question of when, not if, they will experience a cyber attack. Here are seven key considerations for handling the aftermath of a breach. There is a treasure trove of sensitive and valuable information in higher education information systems that is tantalizing to hackers of all kinds. With networks that ...
- North Korean hackers breached major hospital in Seoul to steal data
May 10, 2023
The Korean National Police Agency (KNPA) warned that North Korean hackers had breached the network of one of the country’s largest hospitals, Seoul National University Hospital (SNUH), to steal sensitive medical information and personal details. The incident occurred between May and June 2021, and the police conducted an analytical investigation during the past two years to ...
- New phishing-as-a-service tool “Greatness” already seen in the wild
May 10, 2023
A previously unreported phishing-as-a-service (PaaS) offering named “Greatness” has been used in several phishing campaigns since at least mid-2022. Greatness incorporates features seen in some of the most advanced PaaS offerings, such as multi-factor authentication (MFA) bypass, IP filtering and integration with Telegram bots. Read more… Source: Talos
- Cybersecurity firm Dragos discloses cybersecurity incident, extortion attempt
May 10, 2023
Industrial cybersecurity company Dragos today disclosed what it describes as a “cybersecurity event” after a known cybercrime gang attempted to breach its defenses and infiltrate the internal network to encrypt devices. While Dragos states that the threat actors did not breach its network or cybersecurity platform, they got access to the company’s SharePoint cloud service and ...
- UK man pleads guilty to hijacking Twitter accounts including of Joe Biden and Elon Musk
May 10, 2023
A British man has pleaded guilty over his role in schemes to hack the Twitter accounts of celebrities including Joe Biden and Elon Musk, as well as stealing $794,000 in cryptocurrency. Joseph James O’Connor, 23, entered his guilty plea in a New York court after being extradited from Spain on 26 April. Read more… Source: The Guardian