This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application.
MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for a range of attacks. We demonstrate these risks in practice through three proof-of-concept (PoC) examples conducted within the coding copilot, and discuss strategies for effective prevention.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- Spanish police dismantle phishing operation linked to crime ring
May 9, 2023
The National Police of Spain have arrested two hackers, 15 members of a criminal organization, and another 23 people involved in illegal financial operations in Madrid and Seville for alleged bank scams. The cybercrime operation is an email and SMS-based phishing campaign that allegedly scammed over 300,000 people and resulted in confirmed losses of at least ...
- CISA and Partners Disclose Snake Malware Threat From Russian Cyber Actors
May 9, 2023
Today, CISA and partners released a joint advisory for a sophisticated cyber espionage tool used by Russian cyber actors. Hunting Russian Intelligence “Snake” Malware provides technical descriptions of the malware’s host architecture and network communications, and mitigations to help detect and defend against this threat. CISA urges organizations to review the advisory for more information and ...
- Two Microsoft Windows bugs under attack, one in Secure Boot with a manual fix
May 9, 2023
May’s Patch Tuesday brings some good and some bad news, and if you’re a glass-half-full type, you’d lead off with Microsoft’s relatively low number of security fixes: a mere 38. Your humble vulture, however, is a glass-half-empty-and-who-the-hell-drank-my-whiskey kind of bird, so instead of looking on the bright side, we’re looking at the two Microsoft bugs that ...
- CISA Releases Two Industrial Control Systems Advisories
May 9, 2023
CISA released two Industrial Control Systems (ICS) advisories on May 9, 2023. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. ICSA-23-129-02 Hitachi Energy MSM Read more… Source: U.S. Cybersecurity and Infrastructure Security Agency Related story: CISA Adds One Known Exploited Vulnerability to Catalog
- Leaked Private & BootGuard Keys in MSI Cyber Attack Pose Threat to PC Security
May 8, 2023
Following a recent cyber attack on MSI’s systems, hackers managed to obtain private keys and Intel BootGuard Keys, according to a warning from respected security firm Binarly. These keys are essential for maintaining the security of a company’s devices and firmware, and the leak could result in severe security compromises. Binarly’s CEO, Alex Matrosov, disclosed on ...
- Meet Akira – A new ransomware operation targeting the enterprise
May 7, 2023
The new Akira ransomware operation has slowly been building a list of victims as they breach corporate networks worldwide, encrypt files, and then demand million-dollar ransoms. Launched in March 2023, Akira claims to have already conducted attacks on sixteen companies. These companies are in various industries, including education, finance, real estate, manufacturing, and consulting. Read more… Source: Bleeping ...