MCP shipped without authentication. Clawdbot shows why that's a problem.

Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.
TMCnet

Descope Unveils Agentic Identity Hub 2.0, the Most Comprehensive Identity Platform for AI Agents and MCP Servers

The new Descope Agentic Identity Hub is designed with both builders and security teams in mind–providing developers with ...

Synametrics Technologies Inc. Releases Xeams 10.0 (Build 6413).

The new version enables secure email sending for legacy devices and applications without OAuth. MILLSTONE, NJ, UNITED ...
SecurityWeek

Cyber Insights 2026: API Security – Harder to Secure, Impossible to Ignore

Cybersecurity experts share insights on securing Application Programming Interfaces (APIs), essential to a connected tech world.
CSO Online

13 cyber questions to better vet IT vendors and reduce third-party risk

Adversaries are increasingly targeting third-party providers, catching customer companies on their heels. CISOs must play a ...
Security Boulevard

OAuth Scopes & Consent: Complete Guide to Secure API Authorization

Learn how to design secure OAuth scopes and consent flows for enterprise applications. A complete guide for CTOs on API ...
InfoQ

Microsoft Releases Azure Functions Support for Model Context Protocol Servers

Microsoft has launched its Model Context Protocol (MCP) for Azure Functions, ensuring secure, standardized workflows for AI ...

Top 15 API Management Platforms in 2026

APIs power everything from internal systems to customer-facing products, but managing them at scale is no longer ...
Security Boulevard

OAuth Authorization Server Setup: Implementation Guide & Configuration

Learn how to build and configure an enterprise-grade OAuth authorization server. Covering PKCE, grant types, and CIAM best ...
The Hacker News

AI Agents Are Becoming Authorization Bypass Paths

Enterprise AI agents boost automation but often run with broad permissions, allowing actions beyond user access and weakening ...
Bleeping Computer

New ConsentFix attack hijacks Microsoft accounts via Azure CLI

A new variation of the ClickFix attack dubbed 'ConsentFix' abuses the Azure CLI OAuth app to hijack Microsoft accounts without the need for a password or to bypass multi-factor authentication (MFA) ...