frontpage.
newsnewestaskshowjobs

Made with ♥ by @iamnishanth

Open Source @Github

Open in hackernews

Exposed MCP servers across the internet

https://www.knostic.ai/blog/mapping-mcp-servers-study
47•gepeto42•5h ago

Comments

NitpickLawyer•3h ago
Sure, but I was expecting more details on what was available. At least some analysis (perhaps using embeddings) on common function names, types, etc. What are people exposing? Is there overlap? What % of the open servers looked the same (indicating a common example / tutorial deployment)? What's the proportion of read/write functions (again using embeddings / word cloud maybe?)...

As is the article feels a bit light on details. I'm not surprised that there are open servers out there, but if you're writing an article about that, at least provide interesting details.

john_minsk•2h ago
Hmmm. I thought that's the idea of MCP server - give LLM an interface to use your service. Why would it require authentication? One of the tools could be to authenticate. Please destroy this position if I'm wrong.
prophesi•1h ago
The two things I can think of are MCP servers with functions that make calls to a database with sensitive information, or are easy to pwn due to propping them up in a hasty and irresponsible manner.

The article would actually be interesting if they tried either of those with the servers they found.

victorbjorklund•1h ago
That only makes sense if models were autonomously adding MCP servers and managing accounts themselves. Currently, users add MCP servers to their clients (like Cursor or Claude Desktop), so authentication should happen at that level. If the model handled auth, you'd still need to provide credentials to the LLM for it to provide it to the MCP server anyway. It's better to pass auth data as for example headers in requests - this way your credentials never get sent to the model provider (unless you're running locally).
smrtinsert•2h ago
What happened to best practices? Starting a demo locally is something but opening it up to the internet irresponsibly is something else.
debarshri•1h ago
At least you can chat with the server when you feel lonely as a hacker. With MongoDB, you only get bson data.
rvz•2h ago
> We identified a total of 1,862 MCP servers exposed to the internet. From this set, we manually verified a sample of 119. All 119 servers granted access to internal tool listings without authentication.

Here we go again.

Before we had seen (and there still) MongoDB databases exposed all over the internet with zero credentials protecting them. (you can just connect to them and you are in.)

Now we have exposed MCP servers waiting to be prompt injected and their data to be exfiltrated from say, a connected service or database if they are connected to any. [0]

So now you can just talk to anyone's exposed MCP server and ask for the secret passwords, environment variables and sensitive data.

And the AI will just hand it all over.

[0] https://news.ycombinator.com/item?id=44507024

jddj•2h ago
How did they breach the server? They uh.. They told it that someone would die if it didn't send the .env with the AWS keys to prevent-the-tragedy.xyz
exe34•1h ago
I love that it's almost like shenanigans around the 3 laws of robotics.
mistrial9•2h ago
hide all the printers! demand biometrics!

safety people are excessive, too

piperswe•20m ago
MCP servers don't tend to use LLMs... how are you prompt injecting an MCP server?
qwertox•1h ago
Do major LLM providers, which allow the user of remote MCP to my own servers announce the IP ranges from which they will contact my servers?

In that case, limiting the remote IPs would also be useful. I haven't played around with MCP, but it's on my todo list.

orliesaurus•1h ago
It's like 2010 all over again: People would put api.domain.com up and no auth - great times for builders..and ill-intentioned folks!
pi_22by7•45m ago
I’m with @NitpickLawyer on this; the scan is cool, but I was hoping for a bit more detail on what’s actually being exposed. Even something like a breakdown of common tool names or clustering by function type would’ve been really insightful.

That said, it’s still surprising (and a little funny) to see how fast these things end up public. Probably lots of default setups left running without realizing they’re wide open.

neonate•35m ago
http://web.archive.org/web/20250718145200/https://www.knosti...
anonzzzies•10m ago
Not that surprising when looking at the quality of 99% of the MCP projects. Vibe hacks that are just for github stars.

lsr: ls with io_uring

https://rockorager.dev/log/lsr-ls-but-with-io-uring/
220•mpweiher•5h ago•120 comments

Trying Guix: A Nixer's impressions

https://tazj.in/blog/trying-guix
64•todsacerdoti•3d ago•8 comments

CP/M creator Gary Kildall's memoirs released as free download

https://spectrum.ieee.org/cpm-creator-gary-kildalls-memoirs-released-as-free-download
177•rbanffy•8h ago•70 comments

I'm Peter Roberts, immigration attorney who does work for YC and startups. AMA

111•proberts•3h ago•153 comments

CoCo1 composite video

https://www.leadedsolder.com/2025/07/15/tandy-trs80-coco-composite-mod-aquarius.html
16•zdw•3d ago•0 comments

Fully homomorphic encryption and the dawn of a private internet

https://bozmen.io/fhe
380•barisozmen•14h ago•178 comments

Meta says it wont sign Europe AI agreement, calling it growth stunting overreach

https://www.cnbc.com/2025/07/18/meta-europe-ai-code.html
20•rntn•33m ago•4 comments

When root meets immutable: OpenBSD chflags vs. log tampering

https://rsadowski.de/posts/2025/openbsd-immutable-system-logs/
112•todsacerdoti•9h ago•40 comments

HathiTrust Digital Library

https://www.hathitrust.org/
41•djoldman•3d ago•15 comments

Hundred Rabbits – Low-tech living while sailing the world

https://100r.co/site/home.html
164•0xCaponte•4d ago•36 comments

Dear valued user, You have reached the error page for the error page

https://imgur.com/a/2H7HVcU
107•Alex3917•2h ago•17 comments

The Art of Roland-Garros

https://www.garros.gallery/
36•pentagrama•3d ago•3 comments

Firefox-patch-bin, librewolf-fix-bin AUR packages contain malware

https://lists.archlinux.org/archives/list/aur-general@lists.archlinux.org/thread/7EZTJXLIAQLARQNTMEW2HBWZYE626IFJ/
21•rrampage•41m ago•8 comments

Starbase injury rates outpace rivals as SpaceX chases its Mars moonshot

https://techcrunch.com/2025/07/18/starbase-injury-rates-outpace-rivals-as-spacex-chases-its-mars-moonshot/
21•rntn•1h ago•31 comments

Psilocybin decreases depression and anxiety in cancer patients (2016)

https://pmc.ncbi.nlm.nih.gov/articles/PMC5367557/
212•Bluestein•7h ago•193 comments

15 Years of Building Jefit

https://www.jefit.com/our-story
41•jasong•3d ago•27 comments

Resolve (YC W15) Is Hiring an Operations and Billing Lead for Construction VR

1•ugolino91•6h ago

Ask HN: Any active COBOL devs here? What are you working on?

189•_false•5h ago•150 comments

Exposed MCP servers across the internet

https://www.knostic.ai/blog/mapping-mcp-servers-study
47•gepeto42•5h ago•16 comments

Row Polymorphic Programming

https://www.stranger.systems/posts/by-slug/row-polymorphic-programming.html
35•todsacerdoti•3d ago•21 comments

Ask HN: GCP Outage?

67•grilledchickenw•3h ago•29 comments

'Gaza: Doctors Under Attack', a film that the BBC refused to air is out now

https://zeteo.com/p/watch-now-gaza-doctors-under-attack
4•lr0•18m ago•0 comments

LibreOffice slams Microsoft for locking in Office users w/ complex file formats

https://www.neowin.net/news/libreoffice-calls-out-microsoft-for-using-complex-file-formats-to-lock-in-office-users/
33•bundie•1h ago•8 comments

A New Geometry for Einstein's Theory of Relativity

https://www.quantamagazine.org/a-new-geometry-for-einsteins-theory-of-relativity-20250716/
7•jandrewrogers•3h ago•0 comments

DuckDuckGo now lets you hide AI-generated images in search results

https://techcrunch.com/2025/07/18/duckduckgo-now-lets-you-hide-ai-generated-images-in-search-results/
103•moose44•1h ago•40 comments

ICE is getting unprecedented access to Medicaid data

https://www.wired.com/story/ice-access-medicaid-data/
178•josefresco•3h ago•153 comments

My experience with Claude Code after two weeks of adventures

https://sankalp.bearblog.dev/my-claude-code-experience-after-2-weeks-of-usage/
365•dejavucoder•1d ago•332 comments

Inspect ANSI control codes and escape sequences

https://ansi.tools
85•webpro•3d ago•42 comments

Perfume reviews

https://gwern.net/blog/2025/perfume
301•surprisetalk•1d ago•160 comments

H-1B program grew 81 percent from 2011 to 2022

https://twitter.com/USTechWorkers/status/1945999773825196492
94•DonnyV•2h ago•111 comments