MCP & AI Agent Attacks

The Model Context Protocol is "USB-C for AI" — it lets agents plug into tools, and it ships a brand-new attack surface most teams never reviewed. Because the agent treats a tool's description as trusted instructions, a malicious MCP server can poison it, rug-pull it after approval, shadow other tools, or steal your tokens — and the servers themselves are code (real RCE: CVE-2025-6514, CVE-2025-49596). This is the full field guide, with mcp-scan, MCP Inspector, real payloads and the fixes.