12 comments

[ 4.2 ms ] story [ 25.7 ms ] thread
Truly, S in MCP stands for Security!
And P in WFH stands for productive.
MCP new spec has to an extent covered auth. But the MCPs are yet to adopt to that.
MCP adoption is picking up fast.
(comment deleted)
This post is an obvious victim of upvote manipulation. HN should ban the forgecode domain if it's going to abuse submissions like this.
We have not learned anything from the hundreds of open MongoDB databases without passwords floating around the internet waiting to be breached.

We now have the same with MCP servers in the AI era as documented in [0].

[0] https://news.ycombinator.com/item?id=44604453

MCP clearly needs an independent monitoring program to safeguard it. Let's call it Tron.
What are the actual exploits that should be tested though?