Skills
Exposed MCP Servers Nearly Tripled to 1,467: Trend Micro Finds Cloud Infrastructure Now Targeted as Attack Surface Widens Beyond Local Installs
Trend Micro's updated research shows exposed MCP servers have nearly tripled to 1,467 internet-facing instances, with the threat now extending from local developer machines to cloud infrastructure. Combined with the STDIO transport design flaw affecting all MCP SDKs (Python, TypeScript, Java, Rust) across 7,000+ servers and 150M+ downloads — which Anthropic has declined to fix, calling the behavior 'expected' — this represents a growing attack surface. Developers should audit any MCP server they expose beyond localhost and implement authentication regardless of transport.
Source
↳ Follow the thread