News

Attack via GitHub MCP server: Access to private data
The official integration of the Model Contet Protocol in GitHub can expose private information if used carelessly.
CIO1d
MCP is enabling agentic AI, but how secure is it?
As model context protocol paves the way as a foundational rulebook for effective agentic AI, security issues surrounding ...
WinBuzzer7d
GitHub Copilot Ecosystem Hit by Critical MCP Server Security Flaw
GitHub's Model Context Protocol (MCP) has a critical vulnerability allowing AI coding agents to leak private repo data.
Hackaday4d
This Week In Security: CIA Star Wars, Git* Prompt Injection And More
The CIA ran a series of web sites in the 2000s. Most of them were about news, finance, and other relatively boring topics, ...
Hosted on MSN27d
Dangerous Linux wiper malware hidden within Go modules on GitHub
Three Golang modules on GitHub were found containing dangerous malware The malware was designed to wipe the entire disk of a Linux server It was ... com/blankloggia/go-mcp, and github[.] ...
InfoQ1mon
Azure MCP Server Enters Public Preview: Expanding AI Agent Capabilities
including GitHub Copilot Agent Mode and custom MCP clients, can use the Azure MCP Server. Lastly, Microsoft plans to enhance the Azure MCP Server with more agent samples, documentation ...
InfoWorld2mon
GitHub suffers a cascading supply chain attack compromising CI/CD secrets
A sophisticated cascading supply chain attack has compromised multiple GitHub Actions, exposing critical CI/CD secrets across tens of thousands of repositories. The attack, which originally target ...