top | item 44508226 Official Azure MCP exploited to steal users Keyvaults secrets 4 points| coderinsan | 7 months ago |tramlines.io 1 comment order hn newest rvz|7 months ago Tramlines.io presents: Another day, another official MCP server exploited. Again.Why on earth does Azure need an MCP server? MCPs do not belong anywhere near a critical system responsible for storing sensitive secrets or env vars.Now the official Azure MCP server can be breach with all your key-vault secrets exfiltrated.I think this tells you that "MCP" is rising to becoming the worst protocol standard that has ever been designed.And once again, no-one cares. (they really should)
rvz|7 months ago Tramlines.io presents: Another day, another official MCP server exploited. Again.Why on earth does Azure need an MCP server? MCPs do not belong anywhere near a critical system responsible for storing sensitive secrets or env vars.Now the official Azure MCP server can be breach with all your key-vault secrets exfiltrated.I think this tells you that "MCP" is rising to becoming the worst protocol standard that has ever been designed.And once again, no-one cares. (they really should)
rvz|7 months ago
Why on earth does Azure need an MCP server? MCPs do not belong anywhere near a critical system responsible for storing sensitive secrets or env vars.
Now the official Azure MCP server can be breach with all your key-vault secrets exfiltrated.
I think this tells you that "MCP" is rising to becoming the worst protocol standard that has ever been designed.
And once again, no-one cares. (they really should)