Worrying open-source security issue 'BadHost' could affect millions of AI agents, experts warn

The risk is "materially understated", researchers are saying as passwords and critical data can be exfiltrated.
Techzine Europe

Vulnerability in open-source component puts AI platforms at risk

A serious security vulnerability in a widely used open-source Python component could put a large number of AI agents ...
InfoWorld

FastAPI-based AI tools exposed to authentication bypass by flaw in Starlette framework

Researchers who found the bug warn that its Moderate rating understates a threat reaching across LLM gateways, MCP servers ...

Base launches new tool to connect crypto wallets to AI agents

Base MCP lets AI agents like Claude and ChatGPT transfer funds, swap tokens and interact with DeFi protocols on the ...
Crypto Briefing

Base launches MCP to connect ChatGPT and Claude agents to onchain wallet actions

Base launches Base MCP, letting ChatGPT and Claude agents connect to Base Accounts for swaps, transfers, portfolios, and app ...

Millions of AI agents imperiled by critical vulnerability in open source package

Millions of AI agents and tools around the world have been imperiled by a critical vulnerability that can allow hackers to ...

MultiHopper Opens API for AI Agents Seeking Compliant, Private Onchain Programmable Payment Infrastructure

The first MCP-compatible private programmable onchain routing layer for autonomous agents launches on Solana. Non-custodial, compliance-checked, built for AI. The future of AI-agent commerce cannot ...
CoinDesk

Coinbase’s Base launches AI tool for ChatGPT to manage crypto wallets and DeFi apps

Coinbase’s Ethereum Layer 2 network Base has launched a new tool that lets artificial intelligence agents directly interact with users’ crypto wallets and decentralized finance applications through ...
Decrypt

Perplexity Built a Tool That Checks Your Computer for Infected Software—Without Setting Off the Infection

Bumblebee from Perplexity scans developer machines for compromised packages and AI tool configs, without triggering malware.
XDA Developers on MSN

I added these MCP servers to my local LLM stack, and one of them replaces a $249 paid tool

These MCP servers make my local LLM even better.

Valid certificates, stolen accounts: how attackers broke npm's last trust signal

Stolen credentials produced valid Sigstore certificates, clearing 633 malicious npm packages — one of seven developer tool ...