AgentsSANDWORM_MODE npm Worm MCP Injection Targets 5 AI Coding ToolsSocket.dev·high signal19 malicious npm packages inject rogue MCP servers into Claude Code, Cursor, Windsurf, Continue, VS Code. Exfiltrates SSH keys, AWS creds, API tokens via prompt injection.SourceSource pageSocket.dev↳ Follow the threadShared entity / Policy dependencyKastra Launches Policy Enforcement for Claude Code, Cursor, and CodexHacker NewsShared entity / Stack layerMitigating Taint-Style MCP Server Vulnerabilities Without Touching Server Code (SPELLSMITH)arXivShared entity / Stack layerScan for MCP prompt injection at a centralized control plane, and treat every tool response as untrustedObot AIShared entity / Stack layerTip: Harden Any MCP Server You Run Locally — Bind to 127.0.0.1 and Require Auth on Management EndpointsAdversa AIShared entity / Stack layerPattern: The Agent's Web Access Is Moving Inside the IDE as a Sandboxed, Allowlisted Browser9to5MacShared entity / Stack layerTip: If You're on Bedrock/Vertex/Foundry, Set disableAutoMode Before v2.1.207 Surprises YouClaude Code ChangelogShared entity / Stack layerWindsurf's Devin Local Adds Editor Context Awareness and Persistent 'Always Allow' MCP GrantsReleasebotShared entity / Stack layerVercel Says More Than Half of Deployments Are Now Triggered by Coding Agents; AI SDK 6 Ships Agent Tools and Full MCPIT Brief