Safeguard
Tag

mcp

Safeguard articles tagged "mcp" — guides, analysis, and best practices for software supply chain and application security.

79 articles

AI Security

MCP 2025-06-18: OAuth Resource Server Rules Defenders Must Understand

The June 2025 MCP spec made every server an OAuth 2.1 resource server, mandated RFC 8707 resource indicators, and added elicitation. Here is what changes for blue teams.

Jul 9, 20256 min read
Agent Security

MCP Inspector CVE-2025-49596: Anatomy of a 9.4 RCE in Anthropic's Reference Tool

A missing auth check in MCP Inspector versions below 0.14.1 let any website pop a shell on a developer's machine. Here is the full chain and what to fix.

Jul 8, 20256 min read
AI Security

Asana MCP Cross-Tenant Leak: A SaaS Connector Failure Mode

From May 1 to June 17, 2025, Asana's MCP server exposed records from one customer's workspace to another. The bug was a textbook authorization break wearing an AI label.

Jul 2, 20257 min read
Product Launch

Introducing the Safeguard MCP Server: AI-Native Software Supply Chain Security

Safeguard launches its MCP Server, bringing software supply chain security directly into AI-powered development workflows through the Model Context Protocol.

Jul 1, 20255 min read
AI Security

Line Jumping: How MCP Tool Descriptions Attack Before Tools Are Called

Trail of Bits coined 'line jumping' for prompt injection delivered through MCP tool descriptions on connection. It bypasses every tool-invocation guardrail by design.

Apr 29, 20256 min read
AI Security

MCP Server Authentication and Authorization: Securing the AI Tool Layer

The Model Context Protocol enables AI agents to interact with external tools and data sources. Securing MCP servers requires authentication, authorization, and input validation patterns specific to the AI agent context.

Apr 5, 20258 min read
AI Security

MCP Protocol Security: What the Model Context Protocol Means for Supply Chains

Anthropic's Model Context Protocol standardizes how AI models interact with external tools. The security implications for software supply chains are significant.

Feb 20, 20256 min read
mcp (Page 7) — Safeguard Blog