Microsoft

Developer-targeting campaign using malicious Next.js repositories

A developer-targeting campaign leveraged malicious Next.js repositories to trigger a covert RCE-to-C2 chain through standard ...
GitHub

Fetch an entire site and use it as an MCP Server

Use -t, --tool-name-strategy to specify the tool name strategy, it will be used as the MCP server name (default: domain). This will be used as the MCP server name. Use -l, --max-length to specify the ...