Invariant Labs has disclosed a critical vulnerability in the Model Context Protocol (MCP) that enables what they call Tool Poisoning Attacks (TPAs) — a class of threats that may allow sensitive data exfiltration, AI behavior hijacking, and even remote code execution via seemingly benign tools used by AI agents. “We urge users to exercise caution […]
The post Tool Poisoning Attacks: Critical Vulnerability Discovered in Model Context Protocol (MCP) appeared first on Daily CyberSecurity.