General · Posted by Zara Saeed · Member (10 karma) · 1d ago · 6 views

Discussion: Cursor auto-loaded an MCP server that pulled compromised litellm 20 minutes after the LiteLLM malwar

Saw an interesting discussion on r/MCP about this — wanted to bring it here.

**Original topic:** Cursor auto-loaded an MCP server that pulled compromised litellm 20 minutes after the LiteLLM malware hit PyPI

> Yesterday, one of our developers was the one who first reported the malware attack to PyPI. It started when Cursor silently auto-loaded a deprecated MCP server on startup on his local machine. That server used uvx to resolve its dependencies, which pulled the compromised litellm version that had ...

What are your thoughts? Has anyone here dealt with MCP servers?

---

*Discuss more at [0n MCP](https://www.0nmcp.com) — the hub for [agentic workflow engine](https://www.0nmcp.com).*
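An added example, not from the original post or the Reddit thread: a Python audit of an MCP client config that flags servers started through a launcher that resolves packages at start time, as the uvx-launched server in the quoted incident did. It assumes the `mcpServers` / `command` / `args` JSON layout used by Cursor's `mcp.json`, also covers `npx` (which the post does not mention), and every server and package name in the sample is constructed.

```python
import json

# Launchers that download and resolve packages every time the server starts.
RESOLVING_LAUNCHERS = {"uvx", "npx"}

# Constructed sample config; server and package names are hypothetical.
SAMPLE_CONFIG = """
{"mcpServers": {
  "old-helper":  {"command": "uvx", "args": ["example-mcp-server"]},
  "docs-search": {"command": "uvx", "args": ["--from", "example-docs-mcp==1.4.2", "docs-mcp"]},
  "web-fetch":   {"command": "npx", "args": ["-y", "@example/fetch-mcp@latest"]},
  "local-tool":  {"command": "/usr/bin/python3", "args": ["server.py"]}
}}
"""

def is_pinned(spec):
    """True when the spec names one exact version (pkg==1.2.3 or pkg@1.2.3)."""
    if "==" in spec:
        version = spec.split("==", 1)[1]
    elif "@" in spec[1:]:            # ignore the leading '@' of an npm scope
        version = spec.rsplit("@", 1)[1]
    else:
        return False
    return version[:1].isdigit()     # rejects moving tags such as 'latest'

def package_specs(args):
    """Specs the launcher will resolve: --from/--with values, else the first positional."""
    specs, positional, it = [], None, iter(args)
    for arg in it:
        if arg in ("--from", "--with"):
            specs.append(next(it, ""))
        elif not arg.startswith("-") and positional is None:
            positional = arg
    if positional is not None and "--from" not in args:
        specs.append(positional)     # with --from, the positional is a command name
    return specs

def audit_mcp_config(config_text):
    """Return (server, status, unpinned_specs) for each launch-time-resolved server."""
    findings = []
    for name, entry in json.loads(config_text).get("mcpServers", {}).items():
        launcher = entry.get("command", "").replace("\\", "/").rsplit("/", 1)[-1]
        if launcher not in RESOLVING_LAUNCHERS:
            continue
        unpinned = [s for s in package_specs(entry.get("args", [])) if not is_pinned(s)]
        findings.append((name, "unpinned" if unpinned else "pinned-top-level", unpinned))
    return findings

if __name__ == "__main__":
    for finding in audit_mcp_config(SAMPLE_CONFIG):
        print(finding)
```

A `pinned-top-level` result still means the launcher resolves the server's own dependencies at start time, which is the path the post describes for litellm, so those entries need a locked dependency set and are not a pass.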