MarketsSANDWORM_MODE npm Worm Injects Malicious MCP Servers Into AI Coding ToolsSocket.dev·high signalMulti-stage npm worm deploys rogue MCP servers into Claude Code Cursor Windsurf configs. 19 typosquatted packages harvest tokens SSH keys cloud creds. Dormant dead switch can wipe home directories.SourceSource pageSocket.dev↳ Follow the threadShared entity / Policy dependencyKastra Launches Policy Enforcement for Claude Code, Cursor, and CodexHacker NewsShared entity / Stack layerMitigating Taint-Style MCP Server Vulnerabilities Without Touching Server Code (SPELLSMITH)arXivShared entity / Stack layerScan for MCP prompt injection at a centralized control plane, and treat every tool response as untrustedObot AIShared entity / Stack layerTip: Harden Any MCP Server You Run Locally — Bind to 127.0.0.1 and Require Auth on Management EndpointsAdversa AIShared entity / Stack layerPattern: The Agent's Web Access Is Moving Inside the IDE as a Sandboxed, Allowlisted Browser9to5MacShared entity / Stack layerTip: If You're on Bedrock/Vertex/Foundry, Set disableAutoMode Before v2.1.207 Surprises YouClaude Code ChangelogShared entity / Stack layerWindsurf's Devin Local Adds Editor Context Awareness and Persistent 'Always Allow' MCP GrantsReleasebotShared entity / Stack layerVercel Says More Than Half of Deployments Are Now Triggered by Coding Agents; AI SDK 6 Ships Agent Tools and Full MCPIT Brief