frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

fp.

Open in hackernews

MCP Security 2026: 30 CVEs in 60 Days

https://www.heyuan110.com/posts/ai/2026-03-10-mcp-security-2026/
2•danebalia•1h ago

Comments

danebalia•1h ago
30 CVEs. 60 days. 437,000 compromised downloads. The Model Context Protocol went from “promising open standard” to “active threat surface” faster than anyone predicted.

Between January and February 2026, security researchers filed over 30 CVEs targeting MCP servers, clients, and infrastructure. The vulnerabilities ranged from trivial path traversals to a CVSS 9.6 remote code execution flaw in a package downloaded nearly half a million times. And the root causes were not exotic zero-days — they were missing input validation, absent authentication, and blind trust in tool descriptions.

If you are running MCP servers in production — or even just experimenting with them in Claude Code or Cursor — this article is your field guide to what went wrong and how to protect yourself.

Diels-grabsch2: Self Hashing C Program (2019)

https://www.ioccc.org/2019/diels-grabsch2/
1•icwtyjj•27s ago•0 comments

Rivian R2 launch: Here's what $57,990 gets you

https://techcrunch.com/2026/03/12/rivian-r2-launch-heres-what-57990-gets-you/
1•evo_9•1m ago•0 comments

Optimizing Content for Agents

https://cra.mr/optimizing-content-for-agents/
1•handfuloflight•1m ago•0 comments

Costco Sued by Customer over Tariff Refund

https://www.wsj.com/business/retail/costco-sued-by-customer-over-tariff-refund-42e7c3c4
1•JumpCrisscross•1m ago•0 comments

Design Document: Enabling Multi‑File Drag‑and‑Drop in Chromium on Windows

https://docs.google.com/document/d/1nHPDuEE876RMKwYBVzWgPvsek-9X1NhZuFyY5Q5Z6YU/edit?usp=sharing
1•joonehur•2m ago•0 comments

Show HN: Become the Next Sequoia Partner

http://nextsequoiapartner.org/
1•lundha•3m ago•0 comments

FlowViz – A free, zero-login Mermaid diagram editor

https://flowviz.app/
1•mizarau•4m ago•1 comments

British tourist among 20 charged in Dubai over videos of Iranian missile strikes

https://www.theguardian.com/world/2026/mar/12/british-tourist-among-20-charged-in-dubai-over-vide...
1•TheAlchemist•7m ago•0 comments

Mapping production AI agents to IAM roles, tools, and network exposure

https://cartography.dev/blog/aibom
1•alexchantavy•7m ago•0 comments

Show HN: Slop or not – can you tell AI writing from human in everyday contexts?

https://slop-or-not.space
1•eigen-vector•7m ago•0 comments

Verified orchestration and cost tracking for Copilot CLI

https://github.com/moonrunnerkc/copilot-swarm-orchestrator
1•bradkinnard•8m ago•1 comments

Theremin Schematics

http://www.thereminworld.com/Schematics
1•dmbche•8m ago•0 comments

Straightforward descriptions of cybersecurity products. You're welcome

https://risky.biz/catalog/
1•mooreds•8m ago•0 comments

Is the sky falling for international enrollment?

https://www.chronicle.com/newsletter/latitudes/2026-03-11
1•mooreds•15m ago•1 comments

Show HN: I've just launched my own API

https://docs.simpleblogapi.com
1•lucastonelli•16m ago•1 comments

How to build a sharable Claude Code agent with skills

https://registry.gitagent.sh
1•Shreyaskapale•16m ago•0 comments

Perlsky Is a Perl 5 Implementation of an at Protocol Personal Data Server

https://tangled.org/alice.mosphere.at/perlsky
1•mooreds•16m ago•0 comments

Show HN: Push-to-talk dictation for Android apps and terminal workflows

1•pol_avec•17m ago•0 comments

A.I. Incites a New Wave of Grieving Parents Fighting for Online Safety

https://www.nytimes.com/2026/03/10/technology/ai-social-media-child-safety-parents.html
2•SCEtoAux•19m ago•0 comments

CrackArmor: Multiple Vulnerabilities in AppArmor

https://cdn2.qualys.com/advisory/2026/03/10/crack-armor.txt
1•stevekemp•20m ago•0 comments

Does Where You're Born Matter More Than How Hard You Work?

https://www.decodeecon.com/p/does-where-youre-born-matter-more
1•NomNew•22m ago•0 comments

Show HN: OpenClaw-class agents on ESP32 (and the IDE that makes it possible)

https://pycoclaw.com/
1•pycoclaw•23m ago•1 comments

Show HN: Turkish Sieve Engine – Full Prime Statistics Up to 10^14 and V2 Preview

https://github.com/bilgisofttr/turkishsieve
1•bilgisoft•24m ago•0 comments

Faster Bundler

https://railsatscale.com/2026-03-09-faster-bundler/
1•hahahacorn•25m ago•0 comments

Big Pork attacks California law on caging

https://www.latimes.com/politics/newsletter/2026-03-12/chabria-column-pig-confinement-pork-califo...
2•bilsbie•25m ago•0 comments

A DOGE bro left Social Security with 500M records on a drive and expected pardon

https://www.techdirt.com/2026/03/11/a-doge-bro-allegedly-walked-out-of-social-security-with-500-m...
1•spenvo•25m ago•0 comments

How to Run Local LLMs with Claude Code (Unsloth)

https://unsloth.ai/docs/basics/claude-code
1•armcat•25m ago•0 comments

AI assistants now equal 56% of global search engine volume

https://searchengineland.com/ai-assistants-global-search-engine-volume-study-471118
2•gmays•26m ago•0 comments

What is the strongest open source model for coding against Opus 4.6?

2•eeko_systems•30m ago•0 comments

Whole-Brain Connectomic Graph Model Enables Whole-Body Locomotion Control in Fly

https://arxiv.org/abs/2602.17997
2•sosodev•31m ago•0 comments