The same connectivity that made Anthropic’s Model Context Protocol (MCP) the fastest-adopted AI integration standard in 2025 has created enterprise cybersecurity’s most dangerous blind spot.
Recent research from Pynt quantifies the growing threat in clear, unambiguous terms. Their analysis exposes the startling network effect of vulnerabilities that escalate the more MCP plugins are used. Deploying just ten MCP plugins creates a 92% probability of exploitation. At three interconnected servers, risk exceeds 50%. Even a single MCP plugin presents a 9% exploit probability, and the threat compounds exponentially with each addition.
MCPs’ security paradox is driving one of the enterprises’ most significant AI risks
The design premise for MCP began with a commendable goal of solving AI’s integration chaos. Anthropic chose to standardize how large language models (LLMs) connect to external tools and data sources, delivering what every organization working with AI models and resources desperately needed: a universal interface for AI agents to access everything from APIs, cloud services, databases, and more.
Anthropic’s launch was so well orchestrated that MCP immediately gained traction with many of the leading AI companies in the industry, including Google and Microsoft, who both quickly adopted the standard. Now, a short ten months after the launch, there are over 16,000 MCP servers deployed across Fortune 500 companies this year alone.
At the core of MCP’s security paradox is its greatest strength, which is frictionless connectivity and pervasive integration with as little friction as possible. That aspect of the protocol is its greatest weakness. Security wasn’t built into the protocol’s core design. Authentication remains optional. Authorization frameworks arrived just six months ago in updates, months after the protocol had seen widespread deployments. Combined, these two factors are fueling a quickly sprawling attack surface where every new connection multiplies risk, creating a network effect of vulnerabilities.
“MCP is shipping with the same mistake we’ve seen in every major protocol rollout: insecure defaults,” warns Merritt Baer, Chief Security Officer at Enkrypt AI and advisor to companies including Andesite and AppOmini told VentureBeat in a recent interview. “If we don’t build authentication and least privilege in from day one, we’ll be cleaning up breaches for the next decade.”
Read Full Article: VentureBeat
By Louis Columbus