AutoJack Exploit Chain Targets AI Browsing Agents

Microsoft researchers found a new security threat called AutoJack.

This exploit chain targets AutoGen Studio. It abuses an MCP WebSocket endpoint exposed by the application, so that a single malicious web page visited by the browsing agent can run commands on the machine hosting it.

The attack uses three weaknesses:

  • A bypass of localhost trust.
  • No authentication on MCP paths.
  • Unsafe command execution.

The attacker needs no credentials. The attack is triggered simply by getting the AI agent to load a specific URL.

The bug is present in two pre-release builds, and those builds are still available for download. If you installed either of these versions, your system is at risk.

Check your versions of AutoGen Studio immediately.

Source: https://gridthegrey.com/posts/autojack-exploit-chain-turns-ai-browsing-agent-into-remote-code-execution-vector/