The Hacker News · Jun 30, 2026 17:46 UTC

Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data

Summary

New Microsoft research shows how attackers can hijack AI agents that act on a user's behalf, using nothing more than a poisoned tool description to make the agent quietly hand over company data to an outsider. The trick is that the agent never breaks a rule. Every step looks routine, so in a default setup no alarm may fire. The work comes from Microsoft Incident Response and its

Original reporting

Open original source

Related coverage

Read full article on The Hacker News

Microsoft Warns Poisoned MCP Tool Descriptions Can Make AI Agents Leak Data

Original reporting

Related coverage

Here Are Some Ways SCOTUS Can Constrain Federal Agencies That Are Now Subject to Trump's Untrammeled Control

Watch live: The Hill’s Data Nerds track and analyze Colorado primary elections

Wall Street says sell Goldman, buy Capital One. Here's where we stand

Phishers Gain Persistence at EU, Asia Hospitality Orgs