Invariant Labs

😈 BEWARE: Claude 4 + GitHub MCP will leak your private GitHub repositories, no questions asked. We discovered a new attack on agents using GitHub’s official MCP server, which can be exploited by attackers to access your private repositories. creds to @marco_milanta (1/n) 👇

Invariant researchers have uncovered a new security flaw in GitHub’s official MCP server, enabling attackers to exfiltrate private repository data. The toxic flow was identified during an automated scan using Invariant's security stack. Learn more: invariantlabs.ai/blog/mcp-githu…

🔵 New release: Invariant MCP-scan v0.2 is here! Track, audit & secure all local MCP traffic with static+dynamic scanning, local guardrails, and customizable policies. Ideal for orgs prioritizing agent security & compliance. Docs: explorer.invariantlabs.ai/docs/mcp-scan/ #AI #DevSecOps

We are proud to share that AgentDojo, an Invariant research project done with @ETH, has won the first price of the @ai_risks SafeBench competition. We truly appreciate this recognition from the community. Learn More: invariantlabs.ai/blog/agentdojo…

MCP is the hottest thing in AI right now, but people aren't really talking about the security implications... I covered a recently discovered exploit and mitigations on the @thenewstack today: thenewstack.io/building-with-…

We recently shipped a lot of updates to mcp-scan: - whitelisting of tools - Improvements to the server (reducing false-positives, improving detection) - run via npm/npx Much more coming soon! github.com/invariantlabs-… #mcp

🔴🌎 New MCP attack on BrowserMCP We show an MCP attack on the popular BrowserMCP. It allows attackers to read arbitrary files from your machine, when the agent visits the website below. Try yourself with: access.invariantlabs.ai No bad MCP server needed. (1/n)👇