1. GitHub MCP Proxy Exposes Critical SSRF Flaw, Enabling Internal Network & Credential Exfiltration
A critical Server-Side Request Forgery (SSRF) vulnerability has been exposed within GitHub's MCP (Model Context Protocol) proxy, allowing user-created MCP servers to force the platform's backend to fetch arbitrary external URLs without validation. This flaw transforms the proxy into a direct conduit for attackers to pr...