Hosted on MSN

Worrying Figma MCP security flaw could let hackers execute code remotely - here's how to stay safe

CVE-2025-53967 allows remote code execution via figma-developer-mpc command injection flaw Vulnerability stems from unvalidated input passed to shell commands using child_process.exec Users should ...
Dark Reading

Framelink Figma MCP Server Opens Orgs to Agentic AI Compromise

Model Context Protocol (MCP) servers, which are the glue that links AI agents with other enterprise systems, continue to pop up as potential chinks in the proverbial organizational armor. This week, ...

200,000 MCP servers expose a command execution flaw that Anthropic calls a feature

OX Security confirmed arbitrary command execution on six live platforms and estimates 200,000 MCP servers are exposed. Here's ...
InfoWorld

Visual Studio Code update auto-starts MCP servers

Latest release of Microsoft’s code editor also adds support for Git worktrees and the ability to checkpoint and restore different states of Copilot chat conversations. The newly released Visual Studio ...
TechRadar

Worrying Framelink MCP security flaw could let hackers execute code remotely - here's how to stay safe

A new security advisory published on GitHub says the ‘figma-developer-mpc’ npm package is vulnerable to a command injection flaw. Framelink - a third-party integration built on top of Figma’s ...