Malicious MCP Server Exfiltrates Secrets, BCC

A newly discovered malicious MCP (Managed Control Protocol) server has been found exfiltrating sensitive secrets and data, posing a significant threat to organizations relying on this protocol for secure communications. This attack vector exploits vulnerabilities in MCP implementations to stealthily siphon confidential information, including authentication credentials and proprietary data. The malicious server operates by intercepting and redirecting traffic, enabling attackers to gain unauthorized access and maintain persistence within targeted networks. Security researchers emphasize the importance of monitoring MCP traffic and implementing robust detection mechanisms to mitigate this emerging threat. Organizations are advised to update their MCP-related software, apply security patches promptly, and conduct thorough audits of their network environments to identify potential compromises. This incident underscores the evolving landscape of application-layer attacks and the critical need for comprehensive security strategies encompassing protocol-level defenses. Cybersecurity teams should prioritize threat intelligence sharing and adopt proactive measures to safeguard against similar exfiltration campaigns leveraging MCP vulnerabilities.

This Cyber News was published on www.darkreading.com. Publication date: Mon, 29 Sep 2025 21:30:07 +0000


Cyber News related to Malicious MCP Server Exfiltrates Secrets, BCC

You Don't Know Where Your Secrets Are - Do you know where your secrets are? If not, I can tell you: you are not alone. Hundreds of CISOs, CSOs, and security leaders, whether from small or large companies, don't know either. No matter the organization's size, the certifications, tools, ...
2 years ago Thehackernews.com
Securing the code: navigating code and GitHub secrets scanning - Enter the world of GitHub secrets scanning tools, the vigilant sentinels of your digital gala. Secrets scanning in GitHub is anchored by two fundamental strategies: proactive prevention and reactive detection, each serving a critical function in ...
1 year ago Securityboulevard.com
GitGuardian Launches MCP Server to Bring Secrets Security into Developer Workflows - GitGuardian, the leader in automated secrets detection and remediation, today announced the launch of its Model Context Protocol (MCP) Server, a powerful new infrastructure designed to bring AI-assisted secrets security directly into developer ...
2 months ago Cybersecuritynews.com
Critical mcp-remote Vulnerability Exposes LLM Clients to Remote Code Execution Attacks - According to the JFrog security research team report, CVE-2025-6514 exploits the OAuth authorization flow in mcp-remote, a proxy tool that enables LLM hosts like Claude Desktop to communicate with remote MCP servers. The vulnerability affects ...
2 months ago Cybersecuritynews.com CVE-2025-6514
New Attack Techniques Using MCP & How It Will be Used to Build Security Tools - The security industry’s rapid response to MCP demonstrates the ongoing evolution of cybersecurity defenses, with researchers already incorporating elements of MCP’s evasion techniques into next-generation security tools that promise ...
5 months ago Cybersecuritynews.com
Threat Actors Can Weaponize MCP Servers - Threat actors have discovered new ways to exploit MCP (Master Control Program) servers, turning them into potent weapons for cyberattacks. MCP servers, critical in managing and controlling network operations, are increasingly targeted due to their ...
3 weeks ago Cybersecuritynews.com
Over 12 million auth secrets and keys leaked on GitHub in 2023 - GitHub users accidentally exposed 12.8 million authentication and sensitive secrets in over 3 million public repositories during 2023, with the vast majority remaining valid after five days. The exposed secrets include account passwords, API keys, ...
1 year ago Bleepingcomputer.com
Honeytokens for Peace Of Mind - If you have been tackling the realities of secrets sprawl, getting a handle on all the hardcoded credentials in your organization, then we understand the stress and the restless nights that can bring. Even a small team can add hundreds of secrets a ...
1 year ago Feeds.dzone.com
Privileged Access Management for DevOps - Recently, KuppingerCole released the first edition of its Leadership Compass for Privileged Access Management for DevOps. The KuppingerCole report recognizes the unique and complex challenges that exist in DevOps and other dynamic environments. The ...
2 years ago Beyondtrust.com Patchwork
CVE-2025-47274 - ToolHive is a utility designed to simplify the deployment and management of Model Context Protocol (MCP) servers. Due to the ordering of code used to start an MCP server container, versions of ToolHive prior to 0.0.33 inadvertently store secrets in ...
4 months ago
GitGuardian Report: 70% of Leaked Secrets Remain Active for Two Years, Urging Immediate Remediation - GitGuardian, the security leader behind GitHub’s most installed application, today released its comprehensive “2025 State of Secrets Sprawl Report,” revealing a widespread and persistent security crisis that threatens organizations ...
6 months ago Cybersecuritynews.com
new detectors, your favorite features, and what's coming next in GitGuardian - GitGuardian Secrets Detection More detectors = more secrets caught. Every detector has its comprehensive ID card in the public documentation, outlining the secret type, its intended usage and scope, and detailed steps for revocation. If you haven't ...
1 year ago Securityboulevard.com
CVE-2024-28236 - Vela is a Pipeline Automation (CI/CD) framework built on Linux container technology written in Golang. Vela pipelines can use variable substitution combined with insensitive fields like `parameters`, `image` and `entrypoint` to inject secrets into a ...
1 year ago
The Secret Weakness Execs Are Overlooking: Non-Human Identities - By shifting our focus to secrets security and adopting a comprehensive approach that includes robust detection, automated remediation, and integration with identity systems, organizations can significantly reduce their attack surface and bolster ...
1 year ago Thehackernews.com
GitHub expands security tools after 39 million secrets leaked in 2024 - Standalone Secret Protection and Code Security – Now available as separate products, these tools no longer require a full GitHub Advanced Security license, making them more affordable for smaller teams. GitHub announced updates to its Advanced ...
6 months ago Bleepingcomputer.com
Entro Security Newest Competitor in 2024 'ASTORS' Awards Program - Secrets management and monitoring are crucial components of any security program. Entro is a holistic secret security platform designed specifically for security teams and CISOs. To ensure that doesn't happen, Entro offers an exclusive secrets ...
1 year ago Americansecuritytoday.com
Kubernetes Security: Sensitive Secrets Exposed - Cybersecurity researchers are warning of Kubernetes security issues amid the exposure of configuration secrets. Researchers believe that such attacks could be orchestrated using Kubernetes secrets exposed in public repositories as they allow access ...
1 year ago Securityboulevard.com
Anthropic’s MCP Server Vulnerability Let Attackers Escape Server’s Sandbox and Execute Arbitrary Code - Two high-severity vulnerabilities in Anthropic’s Model Context Protocol (MCP) Filesystem Server enable attackers to escape sandbox restrictions and execute arbitrary code on host systems. When validation fails on the symlink target, the code ...
3 months ago Cybersecuritynews.com CVE-2025-53109
CVE-2025-53100 - RestDB's Codehooks.io MCP Server is an MCP server on the Codehooks.io platform. Prior to version 0.2.2, the MCP server is written in a way that is vulnerable to command injection attacks as part of some of its MCP Server tools definition and ...
3 months ago
CVE-2025-53818 - GitHub Kanban MCP Server is a Model Context Protocol (MCP) server for managing GitHub issues in Kanban board format and streamlining LLM task management. Versions 0.3.0 and 0.4.0 of the MCP Server are written in a way that is vulnerable to command ...
2 months ago
Critical Vulnerability in Anthropic MCP Inspector Let Attackers Execute Arbitrary Code - This vulnerability represents one of the first critical security flaws found in Anthropic’s Model Context Protocol (MCP) ecosystem, potentially exposing AI developers and organizations to significant cyber threats through browser-based attacks. ...
3 months ago Cybersecuritynews.com
