News for today:
- Malicious MCP server detected. Koi.ai recently discovered an MCP server used by developers that quietly turned rogue at version 16. The rogue actions involved copying every email to the developer’s personal server. I’m talking password resets, invoices, internal memos, confidential documents – everything. The malicious change was detected by Koi’s risk engine. Koi.ai
- Descope partner program. Descope launched a partner program for application developers, focused on customer and AI agent authentication. This program brings Descope’s no / low code customer and agentic IAM capabilities to organizations that use digital agencies for their website or app development. Existing app dev partners have been enthused by our platform’s ease of use and implementation, flexibility to fit any customer environment, and seamless migrations from home-grown and legacy CIAM setups. We’re looking forward to working with more app dev partners and helping organizations around the world simplify and secure authentication for their customers, partners, and AI / MCP ecosystems. Descope
- Growth in Bitsight’s insurance business. Bitsight announced that its business with insurance companies grew 30% in the past six months. Insurance brokers are using its cyber risk data to assess underwriting risk. Gallagher Re found that by adding Bitsight’s external scanning insights to existing underwriting methods, insurers can identify companies disproportionately at risk of a claim up to 40% more accurately. Meanwhile, Marsh McLennan confirmed statistically significant correlations between Bitsight Security Ratings, 13 risk vectors, and the likelihood of cybersecurity incidents. Bitsight