Tootfinder

Opt-in global Mastodon full text search. Join the index!

@frankel@mastodon.top
2025-05-29 17:12:03

GitHub #MCP #Exploited: Accessing private repositories via MCP
invariantlabs.ai/blog/mcp-gith

GitHub MCP Exploited: Accessing private repositories via MCP
We showcase a critical vulnerability with the official GitHub MCP server, allowing attackers to access private repository data. The vulnerability is among the first discovered by Invariant's security analyzer for detecting toxic agent flows.