Knostic found 1,862 MCP servers exposed with zero authentication. Here are five actions CISOs should take now.

Abstract: The growing adoption of Vehicle-to-Everything (V2X) communications in Intelligent Transportation Systems (ITS) demands robust authentication protocols to ensure secure and reliable ...

Black Hat Europe 2025: Multiple hacking techniques allow researchers to bypass XML signature validation while still presenting valid SAML documentation to an application. Researchers have uncovered ...

Algorand (ALGO) introduces Liquid Auth, a decentralized, passwordless authentication protocol for Web3, enhancing user-owned identity and interoperability between Web2 and Web3 platforms. In a ...

Abstract: This article presents the technical details of the Extensible Authentication Protocol (EAP) and IEEE 802.1x by using WIRE1x, an open-source implementation of IEEE 802.1x client (supplicant) ...

SPY Protocol is an open standard for cryptographic authentication between agents and proxies. It uses ECDSA public key cryptography to verify authorized clients without passwords, cookies, or ...

1 Department of Information Engineering, Ningxia Communications Technical College, Yinchuan, China 2 School of Computer, Central China Normal University, Wuhan, China As an important component of the ...

Update to the MCP SDK for C# brings an improved authentication protocol, elicitation support, structured tool output, and support for resource links in tool responses. Microsoft announced that the MCP ...

Approximately all of the nearly 2,000 Model Context Protocol (MCP) servers exposed to the Web today are totally bereft of authentication or access controls. Every technology experiences awkward ...

It is currently not possible to configure different keys per authentication protocol, e.g. SAML, OpenID Connect (OIDC), kerberos, etc. For instance, SAML and OIDC certificates typically have different ...