Infosecurity-magazine.com

Malicious Commands in GitHub Codespaces Enable RCE

A set of attack vectors in GitHub Codespaces have been uncovered that enable remote code execution (RCE) by opening a malicious repository or pull request. The findings by Orca Security, show how ...
Infosecurity-magazine.com

Prompt Injection Bugs Found in Official Anthropic Git MCP Server

Three security vulnerabilities in the official Git server for Anthropic's Model Context Protocol (MCP), mcp-server-git, have been identified by cybersecurity researchers. The flaws can be exploited ...
SiliconANGLE

Anthropic’s official Git MCP server hit by chained flaws that enable file access and code ...

Anthropic PBC’s official Git Model Context Protocol server has several security vulnerabilities that can lead to arbitrary file access and, in some scenarios, full remote code execution triggered ...