by zahlman
333 days ago
> You don’t always need a vulnerable app to pull off a successful exploit. Sometimes all it takes is a well-crafted email, an LLM agent, and a few “innocent” plugins.

The problem is that people can say "LLM agent" without realizing that calling this a "vulnerable app" is not only true but a massive understatement.

> Each individual MCP component can be secure, but none are vulnerable in isolation. The ecosystem is.

No, the LLM is.