AgentsBitdefender MCP Security — 53% Static Credentials, 8.5% OAuthBitdefender·high signalFive key MCP risk categories. CVE-2025-6514 CVSS 9.6 RCE, CVE-2025-32711 EchoLeak. 53% open-source MCP servers use insecure static credentials, only 8.5% use OAuth.SourceSource pageBitdefender↳ Follow the threadStack layer / Threat patternNSA issues official MCP hardening guidance after Amazon Q auto-execution CVEs (CVSS 8.5) enable AWS credential theftWizStack layer / Threat patternMalicious agent skills evade every scanner: HKUST's SkillCloak beats detectors 90%+ of the time, SkillDetonate catches 97%Help Net SecurityStack layer / Threat patternOpen-Source Multi-Agent Firewall Intercepts Both HTTP(S) and WebSocket LLM TrafficarXivStack layer / Threat patternDefend against prompt injection with an embedding-scored Threat Library, not brittle regex rulesPromptHaloStack layer / Threat patternCodeTracer Performs Forensic Attribution of Backdoored Code CompletionsarXivStack layer / Threat patternSnyk's Evo Agentic Development Security Hit GA June 29 — an Enforcement Layer That Polices MCP Servers and Coding Agents at RuntimeSiliconANGLEStack layer / Threat patternTip: Register Additional Working Directories to Expose Every Repo Root to MCPClaude Code DocsStack layer / Threat patternOpenClaw ships broad July 6 platform update: GPT-5.6 support, external harness attach, hardened provider I/OReleasebot