Bleeping Computer

New Android Pixnapping attack steals MFA codes pixel-by-pixel

A new side-channel attack called Pixnapping enables a malicious Android app with no permissions to extract sensitive data by stealing pixels displayed by applications or websites, and reconstructing ...
GitHub

Q: Related to callTool and having tool marked as "able to be initiated by the component"

widgets: List[TestWidget] = [ TestWidget( identifier="test-tool", title="Show Test", template_uri="ui://widget/test.html", invoking="Displaying test", invoked ...
GitHub

ChatGPT Can't See Image Responses From MCP Tools

Small issue, not sure if it classifies as a full bug, but when running tools through connected apps on ChatGPT, the client seems to be omitting any image content within responses. For example in a ...