8. Token Theft via Man-in-the-MCP

8. Token Theft via Man-in-the-MCP

Attack: Attacker intercepts or impersonates a legitimate MCP server and collects API keys or user auth tokens passed during task execution.

Mitigation:

  • Always serve MCPs over HTTPS
  • Use mTLS or mutual token verification
  • Never embed secrets in plain JSON, use vault injection
ON THIS PAGE