Stack layer / Threat pattern
Armadin details full sandbox escape in Anthropic's Claude Cowork; Anthropic disputes, silently patches
SiliconANGLE
Stack layer / Threat pattern
Claude Code v2.1.203 and v2.1.204 Add Login-Expiry Warnings and Fix Headless Hook Streaming
Claude Code Docs
Stack layer / Threat pattern
Lazy schema loading: stop paying the MCP 'tools tax' by gating tool schemas until needed
arXiv
Stack layer / Threat pattern
CROSS-CATEGORY: Incumbents Reopen Themselves as 'Platforms of Agents' via MCP — Greenhouse's ATS MCP Goes Broad July 6
Multiple Sources
Threat pattern / Contrast
BlueRock's MCP Trust Registry: 36.7% of 7,000+ scanned MCP servers are SSRF-exposed, 42% leak credentials
BlueRock
Stack layer / Threat pattern
'The MCP Governance Illusion' — Why Governing Tools Isn't Enough
Cyera / Hacker News
Stack layer / Threat pattern
'GitLost' Prompt Injection Tricks GitHub's Agentic Workflows Into Leaking Private Repos
Noma Security
Stack layer / Threat pattern
Route subagents to Haiku and scope rules by path — a benchmarked 77–91% Claude Code cost cut
Firecrawl