heise online

AI developer tool MCP Inspector: Critical vulnerability allows code execution

There is a critical security vulnerability in Anthropic's MCP Inspector, a debugging tool for MCP servers. It allows malicious code to be executed. In a blog post, the discoverers of the Oligo ...
Hackaday

This Week In Security: Anthropic, Coinbase, And Oops Hunting

Anthropic has had an eventful couple weeks, and we have two separate write-ups to cover. The first is a vulnerability in the Antropic MCP Inspector, CVE-2025-49596. We’ve talked a bit about the Module ...
CSOonline

Critical RCE flaw in Anthropic’s MCP inspector exposes developer machines to remote attacks

A misconfigured default in the MCP inspector tool allows attackers to execute arbitrary commands via CSRF and legacy browser flaws, posing serious risks to AI developers and enterprise systems. A ...
TechRadar

Security experts flag another worrying issue with Anthropic AI systems - here's what they found

Anthropic's MCP Inspector project carried a flaw that allowed miscreants to steal sensitive data, drop malware To abuse it, hackers need to chain it with a decades-old browser bug The flaw was fixed ...
Dark Reading

Agentic AI's Risky MCP Backbone Opens Brand-New Attack Vectors

Two critical remote code execution vulnerabilities in the Model Context Protocol (MCP) ecosystem have laid bare the hidden risks lurking in what's quickly becoming AI's new backbone infrastructure.
VentureBeat

MCP stacks have a 92% exploit probability: How 10 plugins became enterprise security's biggest blind spot

The same connectivity that made Anthropic's Model Context Protocol (MCP) the fastest-adopted AI integration standard in 2025 has created enterprise cybersecurity's most dangerous blind spot. The ...