Agent Security News
AI agent vulnerabilities, MCP ecosystem risks, and identity threats. Curated from public security research. Updated regularly.
TLDR InfoSec
2026-03-12
OWASP, agents, copilot
83% of organizations plan to deploy agentic AI, yet only 29% feel prepared to secure it. Four 2026 incidents show how agents that inherit extensive permissions enable zero-click exfiltration and credential vault takeover.
TapAuth Research
2026-02-28
MCP, authentication, audit
TapAuth scanned 518 MCP servers in the Official Registry. 214 servers (41%) have no authentication at all, leaving 1,422 MCP tools accessible to anyone who connects, including tools that send campaigns, abort CI/CD builds, and process payments.
Enkrypt AI
2026-02-15
MCP, vulnerabilities, audit
Enkrypt AI scanned 1,000+ MCP servers and found an average of 5.2 vulnerabilities per server. A widely used Kubernetes MCP server had 26 vulnerabilities, including 6 critical command injection flaws (CVSS 9.8).
CardinalOps
2026-02-10
MCP, RCE, default-config
Following the official FastMCP documentation to deploy with transport=http and host=0.0.0.0 results in a server with no authentication and no encryption. Anyone who can reach the server IP can invoke any exposed tool.
Oligo Security
2026-01-20
CVE, MCP, RCE
The official MCP debugging tool had no authentication between its client and proxy. Chained with DNS rebinding, visiting a malicious website enabled arbitrary code execution on developer machines (CVSS 9.4).
Invariant Labs
2026-01-05
GitHub, MCP, authorization
Invariant Labs documented access to private repositories via the official GitHub MCP server by exploiting the lack of per-action authorization: the user is authenticated, but the agent acting on their behalf is not.
OWASP
2025-12-09
OWASP, standards, agents
The OWASP GenAI Security Project releases a dedicated risk framework for agentic AI. ASI03 (Identity & Privilege Abuse) and ASI07 (Insecure Inter-Agent Communication) highlight the agent identity gap.
OWASP
2025-11-15
OWASP, MCP, standards
A dedicated Top 10 for Model Context Protocol security. MCP07 (Insufficient Authentication & Authorization) confirms that weak identity verification in MCP ecosystems exposes critical attack paths.