Penetration testing

Kali Linux's Official MCP Server Has a Textbook Command Injection Vulnerability

A security researcher found that the mcp-kali-server package - shipped in Kali's official repos - interpolates AI-supplied parameters directly into shell commands with shell=True, enabling trivial arbitrary command execution.

Kali Linux Published a Guide Piping Pentest Tools Through Claude's API - Without Mentioning Data Security Once

Kali Linux's new Claude AI integration funnels scan results, target IPs, and discovered vulnerabilities through Anthropic's cloud API, and the guide's only privacy note is a parenthetical shrug.

Penetration testing

Kali Linux's Official MCP Server Has a Textbook Command Injection Vulnerability

Kali Linux Published a Guide Piping Pentest Tools Through Claude's API - Without Mentioning Data Security Once

Google Analytics