A simple misconfiguration in the Smithery AI hosting platform could have exposed credentials for more than 3,000 MCP servers

Navigazione
- Categorie
- Recenti
- Mondo
- Ultime miste
- Tag
- Popolare
- Utenti
- Gruppi
- Preferiti
Account
- Registrati
- Accedi

Navigazione
- Categorie
- Recenti
- Mondo
- Ultime miste
- Tag
- Popolare
- Utenti
- Gruppi
- Preferiti
Account
- Registrati
- Accedi

Your browser does not seem to support JavaScript. As a result, your viewing experience will be diminished, and you have been placed in read-only mode.

Please download a browser that supports JavaScript, or enable it if it's disabled (i.e. NoScript).

A simple misconfiguration in the Smithery AI hosting platform could have exposed credentials for more than 3,000 MCP servers

Pianificato Fissato Bloccato Spostato
Senza categoria

1 1 0

C
139

0

C

campuscodi@mastodon.social

A simple misconfiguration in the Smithery AI hosting platform could have exposed credentials for more than 3,000 MCP servers

From Path Traversal to Supply Chain Compromise: Breaking MCP Server Hosting

We found a path traversal vulnerability in Smithery.ai that compromised over 3,000 MCP servers and exposed thousands of API keys. Here's how a single Docker build bug nearly triggered one of the largest AI supply chain attacks to date.

GitGuardian Blog - Take Control of Your Secrets Security (blog.gitguardian.com)
0
C cybersecurity@poliverso.org ha condiviso questa discussione