A Timeline of MCP Security Breaches (2025-2026) (authzed.com)

🤖 AI Summary
Recent reporting on Model Context Protocol (MCP) security breaches has surfaced a significant number of vulnerabilities across the rapidly expanding ecosystem of AI tools that connect large language models (LLMs) to external applications. Since its launch in November 2024, MCP has been treated as the standard bridge for AI integration, but its swift adoption was followed by a series of high-profile security incidents throughout 2025 and early 2026. Notable cases include a malicious MCP server that exfiltrated users' entire WhatsApp chat histories, and a prompt-injection attack against GitHub repositories that leaked sensitive information.

These incidents show that the classic failures of traditional software, such as missing input sanitization and inadequate access controls, are being reproduced in the AI tooling layer. Every MCP server an agent is wired to extends its attack surface: tool descriptions and tool outputs are untrusted input that the model will act on, and a server holding broad credentials can be steered into misusing them. Researchers have also identified systemic design weaknesses in how MCP servers handle inputs, including cases that allowed arbitrary code execution through poorly managed user input.

For organizations relying on MCP to streamline AI workflows, the same controls expected of any integration apply: validate and constrain tool inputs, vet MCP servers before installing them as one would any third-party dependency, and scope the credentials a server holds to the minimum its tools need, so that a compromised or malicious server cannot be turned into a supply-chain or data-exfiltration vector.