The Model Context Protocol (MCP) enables AI agents to interact with external tools across hybrid environments but introduces critical security vulnerabilities, including identity theft, data leakage, ...
A new proof-of-concept attack shows that malicious Model Context Protocol servers can inject JavaScript into Cursor’s browser — and potentially leverage the IDE’s privileges to perform system tasks.
Some results have been hidden because they may be inaccessible to you
Show inaccessible results
Feedback