Raphaël Lacroix retweetledi

🚨Wiz Research update: MCP Auto-Execution: From Git Clone to Cloud Compromise.
This let malicious repos run code and steal AWS credentials without consent via workspace MCP configs.
Attackers could compromise cloud envs. Fixed in language server 1.65.0 (CVE-2026-12957). wiz.io/blog/amazon-q-…
English
































