frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

Open in hackernews

Exposing the Unseen: Mapping MCP Servers Across the Internet

https://www.knostic.ai/blog/mapping-mcp-servers-study
38•gepeto42•4h ago

Comments

NitpickLawyer•2h ago
Sure, but I was expecting more details on what was available. At least some analysis (perhaps using embeddings) on common function names, types, etc. What are people exposing? Is there overlap? What % of the open servers looked the same (indicating a common example / tutorial deployment)? What's the proportion of read/write functions (again using embeddings / word cloud maybe?)...

As is the article feels a bit light on details. I'm not surprised that there are open servers out there, but if you're writing an article about that, at least provide interesting details.

john_minsk•1h ago
Hmmm. I thought that's the idea of MCP server - give LLM an interface to use your service. Why would it require authentication? One of the tools could be to authenticate. Please destroy this position if I'm wrong.
prophesi•56m ago
The two things I can think of are MCP servers with functions that make calls to a database with sensitive information, or are easy to pwn due to propping them up in a hasty and irresponsible manner.

The article would actually be interesting if they tried either of those with the servers they found.

victorbjorklund•52m ago
That only makes sense if models were autonomously adding MCP servers and managing accounts themselves. Currently, users add MCP servers to their clients (like Cursor or Claude Desktop), so authentication should happen at that level. If the model handled auth, you'd still need to provide credentials to the LLM for it to provide it to the MCP server anyway. It's better to pass auth data as for example headers in requests - this way your credentials never get sent to the model provider (unless you're running locally).
smrtinsert•1h ago
What happened to best practices? Starting a demo locally is something but opening it up to the internet irresponsibly is something else.
debarshri•58m ago
At least you can chat with the server when you feel lonely as a hacker. With MongoDB, you only get bson data.
rvz•1h ago
> We identified a total of 1,862 MCP servers exposed to the internet. From this set, we manually verified a sample of 119. All 119 servers granted access to internal tool listings without authentication.

Here we go again.

Before we had seen (and there still) MongoDB databases exposed all over the internet with zero credentials protecting them. (you can just connect to them and you are in.)

Now we have exposed MCP servers waiting to be prompt injected and their data to be exfiltrated from say, a connected service or database if they are connected to any. [0]

So now you can just talk to anyone's exposed MCP server and ask for the secret passwords, environment variables and sensitive data.

And the AI will just hand it all over.

[0] https://news.ycombinator.com/item?id=44507024

jddj•1h ago
How did they breach the server? They uh.. They told it that someone would die if it didn't send the .env with the AWS keys to prevent-the-tragedy.xyz
exe34•27m ago
I love that it's almost like shenanigans around the 3 laws of robotics.
mistrial9•1h ago
hide all the printers! demand biometrics!

safety people are excessive, too

qwertox•25m ago
Do major LLM providers, which allow the user of remote MCP to my own servers announce the IP ranges from which they will contact my servers?

In that case, limiting the remote IPs would also be useful. I haven't played around with MCP, but it's on my todo list.

orliesaurus•19m ago
It's like 2010 all over again: People would put api.domain.com up and no auth - great times for builders..and ill-intentioned folks!

Moped – Windows Notepad Equivalent for Mac

https://github.com/RobertoMachorro/Moped
1•muzzy19•1m ago•0 comments

The Boom Is in Data

https://medium.com/@jensenbox/ai-is-the-new-hotness-but-the-real-boom-is-in-data-f7df0aee79d2
1•jensenbox•2m ago•0 comments

The EM Dash Responds to the AI Allegations

https://www.mcsweeneys.net/articles/the-em-dash-responds-to-the-ai-allegations
1•lentoutcry•3m ago•0 comments

Global earthquake detection and warning using Android phones

https://www.science.org/doi/10.1126/science.ads4779
1•geox•5m ago•0 comments

Usage Rules: Leveling the Playing Field for AI-Assisted Development

https://www.zachdaniel.dev/p/usage-rules-leveling-the-playing
1•lawik•6m ago•0 comments

How to run an LLM on your laptop

https://www.technologyreview.com/2025/07/17/1120391/how-to-run-an-llm-on-your-laptop/
1•ulrischa•6m ago•0 comments

Experts lay into Tesla safety in federal autopilot trial

https://arstechnica.com/cars/2025/07/experts-lay-into-tesla-safety-in-federal-autopilot-trial/
2•duxup•7m ago•0 comments

Ask HN: Parents, what's the best AI tutor for kids?

1•actfrench•8m ago•0 comments

Structural and semantic deficiencies in the systemd architecture

https://blog.darknedgy.net/technology/2015/10/11/0/
1•themgt•9m ago•0 comments

The Subway Eats You Now

https://drinkyourmilk.blog/2025/07/17/the-subway-eats-you-now/
2•takeitezmoody•9m ago•0 comments

Summarize YouTube videos from the command line

https://www.npmjs.com/package/youtube-summary
1•peetle•11m ago•0 comments

How can I get first users for an AI tool for local businesses?

https://sites.google.com/view/mapboostai/mapbuddy
1•Davidepedrotti•13m ago•1 comments

House Passes Genius Act

https://www.cbsnews.com/news/house-vote-crypto-genius-act-stablecoin-regulations/
2•vedantnair•16m ago•0 comments

Wait a minute – developers who use GenAI tools are slower?

https://www.computerworld.com/article/4024251/wait-a-minute-developers-who-use-genai-tools-are-slower.html
1•CrankyBear•16m ago•0 comments

Fictitious Persons Disclaimer

https://en.wikipedia.org/wiki/Unintentional_defamation
1•thunderbong•17m ago•0 comments

Show HN: Souko.ai – Web scraping, search and extraction APIs for AI workflows

https://souko.ai/
1•ylian•17m ago•0 comments

A Survey of Context Engineering for Large Language Models

https://arxiv.org/abs/2507.13334
1•simonpure•17m ago•0 comments

The Year of Peak Might and Magic

https://www.filfre.net/2025/07/the-year-of-peak-might-and-magic/
2•cybersoyuz•18m ago•0 comments

To Bitcoin or Not to Bitcoin? A Corporate Cash Question

https://aswathdamodaran.blogspot.com/2025/07/to-bitcoin-or-not-to-bitcoin-corporate.html
1•charlieirish•20m ago•0 comments

Fireworks and Particulate Metal Concentrations on Independence Day

https://www.mdpi.com/2073-4433/16/1/17
2•PaulHoule•20m ago•0 comments

Asyncio Demystified: A Conceputal Overview

https://github.com/anordin95/a-conceptual-overview-of-asyncio/blob/main/readme.md
2•anordin95•21m ago•1 comments

DOJ Reveals Sale Price for Seized Wu-Tang Clan Album

https://www.bloomberg.com/news/newsletters/2025-07-18/doj-finally-reveals-sale-price-for-wu-tang-clan-album-it-seized-from-shkreli
3•toomuchtodo•22m ago•3 comments

Now Figma can set custom shortcuts, with my new plugin "Shortcuts"

https://www.figma.com/community/plugin/1525845395717695448/shortcuts
1•tankxu•23m ago•1 comments

Docs for AI Agents

https://technicalwriting.dev/ai/agents/
2•kaycebasques•24m ago•0 comments

Starbase injury rates outpace rivals as SpaceX chases its Mars moonshot

https://techcrunch.com/2025/07/18/starbase-injury-rates-outpace-rivals-as-spacex-chases-its-mars-moonshot/
8•rntn•28m ago•3 comments

Alan Kay's tribute to Ted Nelson (2015) [video]

https://www.youtube.com/watch?v=AnrlSqtpOkw
2•gone35•30m ago•0 comments

Front End Assets in Ruby on Rails Through the Years

https://cassey.dev/rails-frontend-asset-management/
1•pipase•31m ago•0 comments

Mac outlook release breaks shortcut key for reply all

https://old.reddit.com/r/microsoft365/comments/1lwdg24/mac_outlook_1699_commandshiftr_shortcut_for_reply/
1•robaato•32m ago•1 comments

Colour Contrast Checker

https://colourcontrast.cc/
1•pipase•34m ago•1 comments

You Can Change the Snooze Duration in iOS 26

https://lifehacker.com/tech/you-can-finally-change-the-snooze-duration-in-ios-26
1•taylodl•35m ago•2 comments