NewsMCP Sampling Attack Vectors Resource Theft Conversation HijackingUnit42·high signalUnit42 identifies three MCP sampling attack patterns: resource theft, conversation hijacking, covert tool invocation. Root cause: MCP sampling lacks security controls.SourceSource pageUnit42↳ Follow the threadShared entity / Stack layerNSA issues official MCP hardening guidance after Amazon Q auto-execution CVEs (CVSS 8.5) enable AWS credential theftWizShared entity / Policy dependencyRoots, Sampling, and Logging are deprecated — new capabilities now ship as opt-in extensionsModel Context Protocol BlogShared entity / Stack layerClaude Code v2.1.203 and v2.1.204 Add Login-Expiry Warnings and Fix Headless Hook StreamingClaude Code DocsShared entity / Stack layerMCP-Grounded Agent Pipeline Converts Legacy Docs to NIST OSCAL for Continuous CompliancearXivShared entity / Stack layerMeniga Launches 'Fini,' an MCP Server Bringing Agentic AI Into BanksFinovateThreat pattern / Follow-up threadClawHavoc campaign plants 300+ malicious skills on a single marketplace to run infostealersUnit 42 (Palo Alto Networks)Policy dependency / Stack layerKastra Launches Policy Enforcement for Claude Code, Cursor, and CodexHacker NewsPolicy dependency / Stack layerStrict data-flow tracking is the only defense that zeroes out ADI — spend its utility cost only on code execution and moneyarXiv 2607.05120