MCP Security: The Exploit Playbook (And How to Stop Them)

March 3rd, Computer History Museum CODING AGENTS CONFERENCE, come join us while there are still tickets left. https://luma.com/codingagents Thanks to@ProsusGroupfor collaborating on the Agents in Production Virtual Conference 2025. MCP has revolutionized how AI agents interact with the world. However, with over 13,000 MCP servers launched in 2025 alone, it has also opened a Pandora's box of security vulnerabilities that most organizations aren't prepared to handle: 10% are known to be malicious, the rest of the 90% are exploitable. This presentation guides you through the MCP threat landscape, showcasing real-world exploits already in the wild. We'll examine the most dangerous attack vectors including tool poisoning (hidden instructions lurking in tool descriptions), rug-pulls (bait-and-switch tactics that change behavior post-approval), conversation history theft, and cross-server tool shadowing. We won't leave you defenseless. For each vulnerability demonstrated, you'll learn practical defensive strategies and implementation patterns to safeguard your MCP deployments. Whether you're a security engineer protecting AI agents, a developer building MCP servers, or a a business user integrating your CRM to Claude, you'll walk away with: A comprehensive understanding of the MCP attack surface Practical knowledge of how these exploits work A security checklist for MCP implementations Strategies for detecting and responding to MCP-based attacks. As enterprises adopt MCP faster than security teams can assess the risks, this session provides the essential knowledge needed to stay ahead of attackers in the age of autonomous AI agents. Bio // Vitor is the co-founder of Runlayer, currently busy making AI safe for Enterprise. Previously he was a Staff AI Engineer at Zapier, where he was the technical lead for Zapier Agents. A Prosus | MLOps Community Production