
MCP credential weakness raises red flags
More than half of Model Context Protocol servers were found to rely on static, long-lived credentials. With AI agents on the rise, that’s a problem.
Read More about MCP credential weakness raises red flagsFreelance technology writer. John's work has appeared in the The Boston Globe and Boston Herald, as well as CFO, CIO, CSO, and Inc. magazines. He is a former managing editor of the Boston Business Journal and Boston Phoenix, as well as a staff writer for Government Security News.
find John P. Mello Jr. on:
More than half of Model Context Protocol servers were found to rely on static, long-lived credentials. With AI agents on the rise, that’s a problem.
Read More about MCP credential weakness raises red flagsVibe-coded apps that make it to production can be a minefield for security teams. Here are key takeaways for your AppSec team.
Read More about 5 vibe coding security lessonsAttack surface management (ASM) isn’t just another buzzword. It represents a fundamental shift in security strategy with risk on the rise.
Read More about ASM and the attack surface: 10 key risk factorsA malicious Model Context Protocol package was found in the wild last week. Here are lessons from the compromise of the AI interface tool.
Read More about The Postmark MCP server attack: 5 key takeawaysAI coding and other modern development practices mean flawed code will continue to ship. Here are key recommendations for managing software risk.
Read More about Deadlines vs. secure code: How AppSec can copeIf you train ML models, they can learn to write more secure code. But the quality of the training data is only as good as your AppSec tooling.
Read More about How AI coding can learn to do secure softwareThe new procurement tool seeks to strengthen third-party software risk management (TPSRM). But the process is manual and cumbersome.
Read More about CISA tool aims to boost security for software onboardingThe new procurement tool seeks to strengthen third-party software risk management (TPSRM). But the process is manual and cumbersome.
Read More about CISA tool aims to boost security for software onboardingESET researchers have discovered malware that taps into OpenAI’s large language model to assist in ransomware attacks.
Read More about The future is here: AI-assists new ransomwareGet your 14-day free trial of Spectra Assure
Get Free TrialMore about Spectra Assure Free Trial