The first malicious Model Context Protocol (MCP) server has been discovered and we should all be worried how this is foreshadowing AI cybersecurity risks!
Cybersecurity researchers at Koi Security detected malicious code within an MCP server that connects AI systems with Postmark email services. The code covertly copies every email and exfiltrates it back to the developer. It was created and distributed by a developer not associated with Postmark.
Although not overly serious or sophisticated, as it was only downloaded 1643 times, this is the first of what will become a pressing cybersecurity problem: MCP exploitations!
Artificial Intelligence systems need to access and leverage the capabilities of other digital systems. APIs are traditionally used for users or software to run queries or job, but those aren’t at the interactive level that AI systems require to be super helpful. This is where the Model Context Protocol (MCP) has been created to shine! MCPs enable AI systems to integrate in ways that allow for rich extensibility and cooperation. They are the bridge to make smart AI agents capable of actually executing plans versus just describing what needs to be done.
The problem is that MCP frameworks, like many tools of modern digital functionality, was not designed with robust cybersecurity principles in mind. APIs experienced the same situation years ago and were wil
[…]
Content was cut in order to protect the source.Please visit the source for the rest of the article.
Read the original article: