MacMusic  |  PcMusic  |  440 Software  |  440 Forums  |  440TV  |  Zicos
mcp
Recherche

MCP attack abuses predictable session IDs to hijack AI agents

mardi 21 octobre 2025, 21:36 , par TheRegister
The vuln affects the Oat++ MCP implementation
A security flaw in the Oat++ implementation of Anthropic's Model Context Protocol (MCP) allows attackers to predict or capture session IDs from active AI conversations, hijack MCP sessions, and inject malicious responses via the oatpp-mcp server.…
Lire la suite sur TheRegister
https://go.theregister.com/feed/www.theregister.com/2025/10/21/mcp_prompt_hijacking_attack/

Voir aussi

mcp AI agents might smooth some of retail’s worst data problems ComputerWorld21 Oct
ids Des hackers divulguent les données personnelles de centaines d'agents du FBI et de l'ICE. Génération-NT21 Oct
session Vidéosurveillance, agents de sécurité, alertes : après le cambriolage au Louvre, les failles de sécurité pointées du doigt 01net20 Oct
hijack Les agents IA de Windows 11 agiront en votre nom. Peut-on leur faire confiance ? ZDNet.fr20 Oct
oat Agents of chaos InfoWorld17 Oct
implementation Windows 11 accueille des agents IA : le plan de Microsoft pour la sécurité Génération-NT17 Oct
predictable Chicago judge furious: "You can't drive a car through a crowd," orders bodycams on federal agents BoingBoing16 Oct
agents Chinese cyberspies snoop on Russian IT biz in rare east-on-east attack TheRegister16 Oct
abuses Salesforce pumps the dream of AI agents as helpers, not replacements TheRegister15 Oct
attack Are AI Agents Compromised By Design? Slashdot15 Oct
mcp Frightful Patch Tuesday gives admins a scare with 175+ Microsoft CVEs, 3 under attack TheRegister15 Oct
ids A New Attack Lets Hackers Steal 2-Factor Authentication Codes From Android Phones Wired: Tech.14 Oct
session GenAI agents are changing language translation in the enterprise ComputerWorld14 Oct
hijack Quick Suite d'Amazon veut révolutionner le travail grâce à ses agents IA Génération-NT14 Oct
oat Comedian trolls ICE agents with animal costumes and protest songs BoingBoing14 Oct
implementation British govt agents demand action after UK mega-cyberattacks surge 50% TheRegister14 Oct
predictable Android 'Pixnapping' Attack Can Capture App Data Like 2FA Codes Slashdot14 Oct
agents Android 'Pixnapping' attack can capture app data like 2FA codes TheRegister13 Oct
abuses Vos mots de passe sont-ils vraiment en sécurité face aux agents IA ? 01net13 Oct
attack Java or Python for building agents? InfoWorld13 Oct
News copyright owned by their original publishers | Copyright © 2004 - 2025 Zicos / 440Network
Date Actuelle
mer. 22 oct. - 07:13 CEST