A five-step attack chain that silently redirects Claude Code’s Model Context Protocol (MCP) traffic through attacker-controlled infrastructure, intercepting OAuth bearer tokens that grant persistent, broadly scoped access to connected SaaS platforms like Jira, Confluence, and GitHub with no patch incoming from Anthropic. Researchers at Mitiga Labs have demonstrated the attack, with the entry
Exploit
Cyber Security News
Apply vendor security patch