Hacker News with Generative AI: Server Security

Stopping AI scrapers from taking down my server (ellis.link)
In my earlier post about Forgejo and scraper bots, I mentioned that adding a robots.txt file helped reduce scraping. Well, it turns out the bots only disappeared because I’d set the repository to private, and they were receiving numerous 404 errors. They weren’t actually respecting robots.txt (although Google, at least, was).

AI, Server Security, Web Development, Robots.txt

44 points by JadedBlueEyes 32 days ago | 0 comments

Show HN: MCP-Shield – Detect security issues in MCP servers (github.com/riseandignite)
MCP-Shield scans your installed MCP (Model Context Protocol) servers and detects vulnerabilities like tool poisoning attacks, exfiltration channels and cross-origin escalations.

Security, Server Security, MCP, Vulnerability Detection

134 points by nick_wolf 74 days ago | 39 comments

Exploiting exposed Portainer agent and using new SSH persistence (exatrack.com)
During an incident response for one of our clients, we stumbled upon a server compromised by the now relatively documented 1234 perfctl malware.

Cybersecurity, Exploitation, Server Security, Malware

3 points by benjiro 91 days ago | 1 comments

Over 660k Rsync servers exposed to code execution attacks (bleepingcomputer.com)
Over 660,000 exposed Rsync servers are potentially vulnerable to six new vulnerabilities, including a critical-severity heap-buffer overflow flaw that allows remote code execution on servers.

Security, Server Security, Vulnerabilities

20 points by nimar 161 days ago | 5 comments

Russia-linked group is targeting Zimbra (securityaffairs.com)
U.S. and U.K. cyber agencies warn that Russia-linked group APT29 is targeting vulnerable Zimbra and JetBrains TeamCity servers on a large scale.

Cybersecurity, Russia, Hacking, Server Security, Software

3 points by spapas82 255 days ago | 0 comments