Information security
fromtheregister
5 days agoAnthropic response to 1-click pwn: Shouldn't have clicked 'ok'
Cloned repositories can silently enable attacker-controlled MCP servers, spawning unsandboxed processes with user privileges and enabling remote code execution without per-server consent.