Breaking 17:20 Pentagon says 13 ships turned back as Iran blockade faces evasion tactics 17:00 Oil giants set to gain $234 billion windfall from war driven prices 16:45 President Erdoğan welcomes Turkish Cypriot counterpart in Istanbul 16:40 Anthropic AI protocol flaw exposes thousands of servers to attacks 16:30 Public service shifts toward more effective and transparent indicators 16:20 World Bank warns Iran war could push 60 million into hunger 16:15 Orban’s defeat sparks internal debate and calls for renewal within Fidesz 16:01 Ikea and Chupa Chups launch a vegan meatball-flavored lollipop in an unexpected collaboration 16:00 TSMC 2nm chip shortage forces smartphone makers to scale back models 15:45 Spain calls for joint EU debt issuance to reduce borrowing costs 15:40 AI firms shift from seat pricing to usage based revenue models 15:30 U.S. lawmakers revise bill aimed at Chinese chipmaking industry 15:20 Lebanon president rejects call with Netanyahu despite Trump announcement 15:15 Sweden rethinks digital learning and returns to traditional classrooms 15:00 BLS International strengthens visa services in Morocco ahead of peak season 15:00 Playmobil to open first factory outlet store in France 14:45 Starlink growth surges as Spacex eyes potential public debut 14:40 Global regulators scramble as AI model raises banking cyber risk fears 14:30 Klm cancels 160 flights amid rising fuel costs 14:20 Nvidia CEO admits missing Anthropic investment while defending AI dominance 14:15 Ocp raises $1.5 billion through landmark hybrid bond issuance 14:00 Amex moves to acquire hyper in bid to expand Ai-powered expense tools 13:50 EU warns gas prices will stay high for years after war damage 13:45 Scotland’s Snp promises price cap on essential foods ahead of elections 13:30 Tpg invests $100 million in student mobility company zum 13:15 Switch Off and read: Macron urges teenagers to reduce screen time 13:05 Health insurance: reusable menstrual products to be reimbursed from the start of the school year 12:30 Burundi communication minister found dead in his vehicle near Bujumbura 12:20 Erdogan calls Israeli leaders “child killers” in sharp escalation 12:15 Bny reports higher profit driven by strong fees and interest income growth 12:00 Eu says Google should allow third-party search engines access to data 12:00 Refinery fire in Australia deepens Asia fuel supply crisis 11:45 Kering to acquire stake in Chinese luxury brand icicle 11:40 Israel army declares south Lebanon a “death zone” amid escalation 11:30 UK financial regulator introduces clearer and simpler short selling rules 11:20 Solana teaser on XRP fuels speculation over potential blockchain integration 11:15 Heavy floods in the Dominican Republic and Haiti leave at least 19 dead and thousands displaced 11:00 Remains of Sophie Narme exhumed in cold case investigation linked to Dominique Pelicot 11:00 Let cofounder Amir Hamza critically wounded in Lahore shooting 10:45 Chanel expands in California with the acquisition of a new vineyard estate 10:40 Sunkissed makeup dominates spring 2026 beauty trends 10:30 Fight against illiteracy in Morocco: 2.4 million beneficiaries in three years 10:20 Gartner warns most ai driven mainframe migrations will fail 10:15 French competition watchdog fines retailers €12.7 million over organic products cartel 10:00 Brazilian payments firm ebanx expands into southeast Asia markets 10:00 New method hunts alien life through planetary patterns not biosignatures 09:45 Bulgaria’s pro-Russian former president leads election race on anti-corruption platform 09:40 Bitcoin proposal seeks to freeze satoshi era coins over quantum risk 09:30 El Al expands boeing deal with order for six additional dreamliners 09:20 Researchers hijack ai agents via github prompt injection attacks 09:15 Stellantis to end car production at poissy plant by 2029 09:00 India-Zambia talks on critical minerals stall over mining rights concerns 09:00 Mars bathtub ring discovery points to long lasting ancient ocean 08:45 Flydubai resumes flights to Beirut as regional air travel recovers 08:40 Largest gravity test confirms Newton and Einstein across cosmic scales 08:30 Jd sports exits applied nutrition stake in multimillion-dollar deal 08:20 Ai models can pass hidden traits through unrelated data study finds 08:15 Air liquide invests in Japan to support next-generation ai chip production 08:00 Hays reports decline in net fees as hiring demand weakens in Germany 07:50 Nikkei hits record high as US Iran talks lift markets 07:45 Eqt relaunches sale of ginko with billion-dollar valuation target 07:30 Inditex reports unauthorised access to transaction databases 07:15 UK economy posts stronger-than-expected growth in early 2026 07:00 Easyjet warns of rising losses amid fuel surge and legal costs 06:20 Transforming imperfections into works of art

Anthropic AI protocol flaw exposes thousands of servers to attacks

16:40
By: Dakir Madiha
Anthropic AI protocol flaw exposes thousands of servers to attacks

A critical vulnerability in an artificial intelligence protocol developed by Anthropic could expose more than 200,000 instances and thousands of publicly accessible servers to cyberattacks, according to findings from security firm OX Security. The flaw affects the Model Context Protocol, an open standard designed to connect AI systems with external data sources and tools.

Researchers say the issue allows attackers to execute arbitrary commands on vulnerable systems, potentially exposing sensitive user data, internal databases, API keys, and conversation histories. The scale of exposure spans over 7,000 internet facing servers and hundreds of open source projects that rely on the protocol.

Unlike typical software bugs, the vulnerability is rooted in the protocol’s architecture. OX Security found that official software development kits across multiple programming languages inherit the same design flaw. This means developers using the protocol may unknowingly introduce security risks into their systems without clear warnings or safeguards.

The exploit centers on how the protocol handles local process execution through its STDIO interface. Malicious commands can be executed even if the underlying process fails to start properly, with no validation or sanitization checks triggered. Researchers say this behavior creates a silent attack vector that bypasses standard developer tooling alerts.

Anthropic has characterized the behavior as expected and has declined to modify the protocol at its core. The company maintains that the execution model is secure by default and that input sanitization should be handled by developers. This stance has drawn criticism from cybersecurity experts, who argue that leaving such protections to individual developers increases systemic risk.

The findings add to broader concerns around the security of AI infrastructure. OX Security reports it has identified multiple high severity vulnerabilities tied to projects built on the protocol, along with numerous responsible disclosures. Previous research by other firms has also highlighted potential remote code execution paths linked to similar integrations.

Experts warn that relying on developers to secure foundational components could lead to widespread exposure, given inconsistent security practices across the ecosystem. The case highlights growing tensions between rapid AI innovation and the need for robust security standards.

Keywords:



Latest News
  • Fajr
  • Sunrise
  • Dhuhr
  • Asr
  • Maghrib
  • Isha

Newsletter

Subscribe now to the Walaw website newsletter to receive all the latest updates

Email address

Read more

Anthropic launches Claude Code Channels for messaging platforms Technology Anthropic launches Claude Code Channels for messaging platforms

This website, walaw.press, uses cookies to provide you with a good browsing experience and to continuously improve our services. By continuing to browse this site, you agree to the use of these cookies.