This article examines the security implications of the Model Context Protocol (MCP) sampling feature in the context of a widely used coding copilot application.
MCP is a standard for connecting large language model (LLM) applications to external data sources and tools. We show that, without proper safeguards, malicious MCP servers can exploit the sampling feature for a range of attacks. We demonstrate these risks in practice through three proof-of-concept (PoC) examples conducted within the coding copilot, and discuss strategies for effective prevention.
Read more…
Source: Palo Alto Unit 42
Sign up for the Cyber Security Review Newsletter
The latest cyber security news and insights delivered right to your inbox
Related:
- New Android malware ‘RatMilad’ can steal your data, record audio
October 5, 2022
A new Android spyware named ‘RatMilad’ was discovered targeting mobile devices in the Middle East, used to spy on victims and steal data. The RatMilad spyware was discovered by mobile security firm Zimperium who warned that the malware could be used for cyber espionage, extortion, or to eavesdrop on victim’s conversations. “Similar to other mobile spyware we ...
- NSA, CISA, FBI Warn of Custom Exfiltration Tools Being Used Against Defense Industrial Base Organization
October 4, 2022
FORT MEADE, Md. — The National Security Agency (NSA), the Cybersecurity and Infrastructure Security Agency (CISA), and the FBI released a Cybersecurity Advisory today that details the tactics, techniques and procedures (TTPs) that likely multiple advanced persistent threat (APT) groups recently used to steal sensitive information from a Defense Industrial Base organization. The advisory, “Impacket, ...
- Tracking Earth Aughisky’s Malware and Changes
October 4, 2022
For security researchers and analysts monitoring advanced persistent threat (APT) groups’ attacks and tools, Earth Aughisky (also known as Taidoor) is among the more active units that consistently make security teams vigilant. Over the last decade, the group has continued to make adjustments in the tools and malware deployments on specific targets located in Taiwan ...
- Developer account body snatchers pose risks to the software supply chain
October 4, 2022
Software supply chain attacks, once the exclusive province of sophisticated state-sponsored attackers, have been gaining popularity recently among a broader range of cyber criminals. Attackers everywhere have realized that software supply chain attacks can be very effective, and can result in a large number of compromised victims. Software supply chain attacks more than tripled in ...
- CISA Releases Five Industrial Control Systems Advisories
October 4, 2022
CISA has released five (5) Industrial Control Systems (ICS) advisories on October 04, 2022. These advisories provide timely information about current security issues, vulnerabilities, and exploits surrounding ICS. CISA encourages users and administrators to review the newly released ICS advisory for technical details and mitigations: ICSA-22-277-01 Johnson Controls Metasys ADX Server ICSA-22-277-02 Hitachi Energy Modular Switchgear Monitoring ICSA-22-277-03 Horner ...
- Moody’s turns up the heat on ‘riskiest’ sectors for cyberattacks
October 3, 2022
About $22 trillion of global debt rated by Moody’s Investors Service has “high,” or “very high” cyber-risk exposure, with electric, gas and water utilities, as well as hospitals, among the sectors facing the highest risk of cyberattacks. That’s more than one-quarter (28 percent) of the $80 trillion in Moody’s rated debt across 71 global sectors, and ...