I Audited 50+ MCP Servers and Found CVSS 9.8 Vulnerabilities
The Model Context Protocol ecosystem has grown to nearly 10,000 servers. According to the Trend Micro...
Tag archive
The Model Context Protocol ecosystem has grown to nearly 10,000 servers. According to the Trend Micro...
TP-Link Kasa Cameras Shipped With a Hardcoded Encryption Key—and That's a Bigger Problem...
Microsoft's Biggest Patch Tuesday Ever: 570 Bugs, 3 Zero-Days Exploited Most months,...
The setup Over the past 2 weeks, I built MarketNow — a marketplace for MCP (Model Context...
The problem A recent Reddit thread highlighted that 30 CVEs were filed against MCP servers...
A flaw letting any Windows repository run arbitrary code the moment it is opened in the Cursor editor was reported in December, reproduced, acknowledged, and then met with silence across 197 shipped versions.

Someone double-clicks what they think is Maccy, a clipboard manager, and gets a macOS password...

Your Nessus scan just finished. You have 4,847 findings. CVSS says 200 of them are Critical. Where...

CVE-2026-33825 zero-day targeting Microsoft Defender enabled ransomware operators to disable real-time protection and execute arbitrary code. Analysis
Introduction: The Promise and Peril of OpenReception OpenReception emerged as a pioneering...
Organizations are drowning in 'Critical' CVEs in container images, most of which are never exploitable. The scanner found a vulnerable library. The application never calls it. Without a reachability map, every CVE is treated as an emergency. Developers waste 20% of their time patching code that's never loaded into memory.
Introduction: The AI-Driven Vulnerability Surge The exponential growth of AI-driven...