Researchers at EdisonWatch have revealed that ChatGPT's new calendar integration feature can be exploited to execute commands that may lead to the theft of sensitive emails. The attack, which requires user interaction, highlights ongoing vulnerabilities in AI systems and the risks of integrating them into enterprise tools.
MCP-Shield is a security tool that scans installed Model Context Protocol (MCP) servers for vulnerabilities, including tool poisoning attacks and attempts to access sensitive files. It offers options for customized scanning and integrates an AI analysis feature, which uses an Anthropic Claude API key, for enhanced vulnerability detection. The tool flags the serious risks posed by hidden instructions and potential data exfiltration in server tools.