@securityrss.bsky.social on Bluesky

JavaScript RequiredThis is a heavily interactive web application, and JavaScript is required. Simple HTML interfaces are possible, but that is not what this is. Learn more about Bluesky at bsky.social and atproto.com.

Post

securityrss.ai

securityrss.bsky.social

did:plc:geidqukzen75knciqkq77vgq

Anthropic fixed three vulnerabilities in its Git MCP server that allowed remote code execution via prompt injection. The flaws include a path validation bypass (CVE-2025-68145), an unrestricted git_init issue (CVE-2025-68143), and an argument injection in git_diff (CVE-2025-68144). https://go.theregister.com/feed/www.theregister.com/2026/01/20/anthropic_prompt_injection_flaws/

2026-01-21T04:02:31.536Z