Cato Networks to Expose Real-World MCP Exploits in Hacking Demos at DefCamp 2025 

Cato CTRL to demonstrate how MCPs can be hijacked to execute malicious code and bypass traditional security controls  

TEL AVIV, Israel, November 7, 2025 – Cato Networks, the SASE leader, today announced that Dolev Moshe Attiya (staff cyber research engineer at Cato Networks and member of Cato CTRL) will present at DefCamp 2025 in Bucharest, Romania.

The session, “Exploiting the Model Context Protocol: How GenAI Connectors Can Turn Trusted Tools into Attack Vectors” (Thursday, November 14 at 2:00 PM CET), will reveal how threat actors can exploit model context protocol (MCP), which is the emerging standard for connecting generative AI (GenAI) tools to external systems.

The session will feature hacking demos showcasing three MCP-based attacks: 

• Malicious package exploitation: Demonstrating how a compromised MCP server—disguised as a benign utility—can escalate privileges and execute arbitrary system commands on the host machine. 

• Prompt injection abuse: Showing how a simple text document can manipulate a legitimate MCP server into performing unauthorized file operations, including encrypting a victim’s files silently. 

• Proof-of-concept (PoC) attack targeting Atlassian MCP: Illustrating a “living off AI” attack, as revealed in a recent Cato CTRL blog.   

“MCP is an incredible innovation, but it also blurs the lines between data, automation, and control,” said Dolev Moshe Attiya, staff cyber research engineer at Cato Networks and member of Cato CTRL. “Our goal is to raise awareness of how easily these systems can be abused, and what defenders can do today to prevent GenAI from becoming the next major attack vector.”

To learn more about Cato’s threat intelligence team, visit the Cato CTRL page.  

Resources 

• [Photo] Dolev Moshe Attiya  

About Cato CTRL 

Cato CTRL (Cyber Threats Research Lab) is the world’s first CTI group to fuse threat intelligence with granular network insight, made possible by Cato’s global SASE platform. By bringing together dozens of former military intelligence analysts, researchers, data scientists, academics and industry-recognized security professionals, Cato CTRL utilizes network data, security stack data, hundreds of security feeds, human intelligence operations, AI (Artificial Intelligence), and ML (Machine Learning) to shed light on the latest cyber threats and threat actors. 

About Cato Networks

Cato Networks delivers enterprise security and networking in a single cloud platform. The SASE leader creates a seamless and elegant customer experience that effortlessly enables threat prevention, data protection, and timely incident detection and response. With Cato, organizations replace costly and rigid legacy infrastructure with an open and modular SASE architecture based on SD-WAN, a purpose-built global cloud network, and an embedded cloud-native security stack. 

Want to learn why thousands of organizations secure their future with Cato? Visit us at www.catonetworks.com. 

Media Contact 

Cato Communications 

press@catonetworks.com