Hacker Newsnew | past | comments | ask | show | jobs | submitlogin

Yeah, I am surprised at the lack of real-world exploits too.

I think it's because MCPs still aren't widely enough used that attackers are targeting them. I don't expect that will stay true for much longer.



Could be that the people most likely to mainline MCP hype with full RW permissions are the least likely to have any auditing controls to detect the intrusion.


Yep, the "we don't have a dedicated security team, but we've never had an intrusion anyways!" crowd.


They also aren’t building anything worthwhile. Just a lot of agentic slop with zero users. No users, no valuable data, who cares?




Guidelines | FAQ | Lists | API | Security | Legal | Apply to YC | Contact

Search: