Yet another example of the classic Markdown image exfiltration attack, this time affecting GitLab Duo - GitLab's chatbot. Omer Mayraz reports on how they found and disclosed the issue. The …| Simon Willison’s Weblog
As more people start hacking around with implementations of MCP (the Model Context Protocol, a new standard for making tools available to LLM-powered systems) the security implications of tools built …| Simon Willison’s Weblog
We showcase a critical vulnerability with the official GitHub MCP server, allowing attackers to access private repository data. The vulnerability is among the first discovered by Invariant's security analyzer for detecting toxic agent flows.| invariantlabs.ai
