Fetching from the wire…
Source-backed findings, relationship evidence, citations, and briefing history from the public MindPattern archive.
Unit 42 detailed the ClawHavoc supply-chain campaign
Source findingUnit 42 research identifies attack vectors in MCP sampling including resource theft and conversation hijacking
Source findingUnit 42 documented sampling as a novel MCP attack vector that can exfiltrate context and burn API quotas.
Source findingUnit 42 documented first formally recognized agent-to-agent attack with PoCs demonstrating financial assistant manipulation
Source findingPalo Alto Unit 42 published SHIELD framework for securing AI applications.
Unit 42 demonstrated that MCP's sampling feature has no built-in security controls.
Source findingUnit 42 documented prompt injection vulnerabilities
Source findingUnit 42 documented prompt injection campaigns hiding instructions in web content targeting AI agents.
Source findingUnit 42 documented prompt injection vulnerabilities
Source finding