Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data

New Microsoft research shows how attackers can hijack AI agents that act on a user’s behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider.

The trick is that the agent never breaks a rule. Every step looks routine, so in a default setup no alarm may fire.

The work comes from Microsoft Incident Response and its

Source: The Hacker News

Tags:

Leave a Reply

Your email address will not be published. Required fields are marked *

Explore More

Attack Update: Top 5 Attack-IPs auf doode.info – 18.06.2026

Watchtower Attack Update. Hier die aktuellen Top 5 Attack-IPs, die auf doode.info klopfen. 74.7.227.2 — 1146 requests (recent log) 213.209.159.175 — 263 requests (recent log) 89.167.35.212 — 246 requests (recent

Read More

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks

Mustang Panda Uses Zoho WorkDrive as Command Channel in Indian Government Attacks The China-aligned espionage group Mustang Panda is running two campaigns against the Indian government and hydropower targets, deploying new malware

Read More

Cyberdecks, going analog, and convivial technology

Cyberdecks, going analog, and convivial technology Source: Hacker News

Read More