I shipped mcp-probe — a CLI that points at any MCP server, enumerates every tool, resource, and prompt, calls each with auto-generated arguments, validates against declared schemas, prints a pass/fail scorecard, and exits 0/1 for CI. The plan for launch week: run it against the official Node MCP servers and post results. The first run made me look like I'd broken half the ecosystem. The second, af
This technical post walks through the design and implementation of Secure Playground: a local web app that simulates prompt-injection attacks against large language models and demonstrates simple defenses. Provide a minimal, reproducible environment to test payloads and defensive strategies. Make it easy to add new providers and run mutation-based red-team experiments. Offer a leaderboard and scor
Metasploitable2 - FTP Exploitation using vsftpd 2.3.4 Backdoor 1. Objective To identify and exploit a known vulnerability in an FTP service running on a vulnerable target machine using industry-standard reconnaissance and exploitation techniques. 2. Lab Environment Component Description Attacker Machine Kali Linux Target Machine Metasploitable2 Network Type Host-only / NAT
So far, we’ve seen: The model decides what to do The MCP server executes it But something is missing. Who actually connects these two? That’s the MCP client. The MCP client is: The component that connects the model and the MCP server, and manages the entire interaction between them. It’s easy to think: “The model calls the server directly” But that’s not what happens. 👉 The model only generates i
MCPwn Is Live. We Scanned the Supply Chains of 14 MCP Servers. Here's What We Found. April 18, 2026 MCPwn dropped this week. CVE-2026-33032 — CVSS 9.8, actively exploited, 2,600+ instances exposed. Two HTTP requests. No authentication. Full nginx server takeover. Then MCPwnfluence: CVE-2026-27825 and CVE-2026-27826. The most widely used Atlassian MCP server — SSRF chained with arbitrary file wri
This is Part 1 of a two-part series. Part 2 (coming soon): Connecting to spoke clusters from a controller using multicluster-runtime, driven by ClusterProfile. The Cluster Inventory API (multicluster.x-k8s.io) is driven by SIG-Multicluster and centered on the ClusterProfile resource. It only delivers value when something produces those ClusterProfiles. That something is a cluster manager. Today, t
When developers travel, we usually prepare the obvious things. Laptop charger. But there is one dependency that is easy to underestimate until it breaks: mobile internet. A trip to China makes this especially obvious. Not because China is hard to travel in, but because so many basic interactions are mobile-first: navigation, translation, ride-hailing, hotel communication, ticket confirmations, pay
A defaced website is a curious problem. It's loud — anyone visiting the page can see something is wrong. But it's also quiet from a server's perspective: HTTP returns 200, your uptime monitor is happy, your TLS cert hasn't moved, and the CMS logs show a "successful" content update from a legitimate-looking session. The signal is on the rendered page, not in the metrics. I run a site at hi3ris.blue