Sign up to save your podcasts
Or
Share The App Store Nightmare: Why AI MCP Stores Are a Trap
Share to email
Share to Facebook
Share to X
Share to email
Share to Facebook
Share to X
Or
The App Store Nightmare: Why AI MCP Stores Are a Trap
The new AI app store is here - and it’s already making choices for your company.
This episode shows you how to spot it, stop it, and stay safe.
Host Lieuwe Jan Koning with RobMaas (Field CTO, ON2IT) explain the app storenightmare in plain language. A new system (MCP) lets AI tools like ChatGPT, Claude, and Gemini do tasks for you - sometimes too much. When a bad tool or a sneaky document gets in, it can read, send, or delete things without you noticing.
Real cases, real damage:
- Postmark MCP backdoor - secretly BCC’d emails (email copies)
- Shadow Escape - “zero-click” data theft from a hidden prompt
- kubectl chaos - a command mistake that can wipe servers
Your quick fix: keep a list of every AI tool and give each only the access it needs. Example: let your document bot read just the “Policies” folder—not your whole drive. For more fixes, watch the full episode.
Key topics covered:
· The app storenightmare: a new AI app store you don’t control
· How a tricked document can make your AI act against you
· A simple ZeroTrust plan anyone can start today
· How to cut tool sprawl, cost, and risk—without slowing the team
If you use ChatGPT, Claude, or Gemini at work, this is your survival brief.
Subscribe for more Threat Talks and ON2IT’s Zero Trust guidance.
Guest and Host Links:
Rob Maas (Field CTO, ON2IT): https://www.linkedin.com/in/robmaas83/
Lieuwe Jan Koning (Founding Partner, ON2IT): https://www.linkedin.com/in/lieuwejan/
Click here to view the episode transcript.
Additional Resources:
Threat Talks: https://threat-talks.com/
ON2IT (Zero Trust as a Service): https://on2it.net/
AMS-IX: https://www.ams-ix.net/ams
Anthropic MCP announcement: https://www.anthropic.com/news/model-context-protocol
OpenAI Tools/Connectors/MCP: https://platform.openai.com/docs/guides/tools-connectors-mcp
Kubernetes (kubectl): https://kubernetes.io/docs/reference/kubectl/
Reported Postmark MCP backdoor: https://thehackernews.com/2025/09/first-malicious-mcp-server-found.html
Shadow Escape zero-click research: https://www.globenewswire.com/news-release/2025/10/22/3171164/0/en/Operant-AI-Discovers-Shadow-Escape-The-First-Zero-Click-Agentic-Attack-via-MCP.html
If this saved you a breach, subscribe to Threat Talks and follow ON2IT for weekly Zero Trust moves. New episode next week.
View all episodes
By Threat TalksThe new AI app store is here - and it’s already making choices for your company.
This episode shows you how to spot it, stop it, and stay safe.
Host Lieuwe Jan Koning with RobMaas (Field CTO, ON2IT) explain the app storenightmare in plain language. A new system (MCP) lets AI tools like ChatGPT, Claude, and Gemini do tasks for you - sometimes too much. When a bad tool or a sneaky document gets in, it can read, send, or delete things without you noticing.
Real cases, real damage:
- Postmark MCP backdoor - secretly BCC’d emails (email copies)
- Shadow Escape - “zero-click” data theft from a hidden prompt
- kubectl chaos - a command mistake that can wipe servers
Your quick fix: keep a list of every AI tool and give each only the access it needs. Example: let your document bot read just the “Policies” folder—not your whole drive. For more fixes, watch the full episode.
Key topics covered:
· The app storenightmare: a new AI app store you don’t control
· How a tricked document can make your AI act against you
· A simple ZeroTrust plan anyone can start today
· How to cut tool sprawl, cost, and risk—without slowing the team
If you use ChatGPT, Claude, or Gemini at work, this is your survival brief.
Subscribe for more Threat Talks and ON2IT’s Zero Trust guidance.
Guest and Host Links:
Rob Maas (Field CTO, ON2IT): https://www.linkedin.com/in/robmaas83/
Lieuwe Jan Koning (Founding Partner, ON2IT): https://www.linkedin.com/in/lieuwejan/
Click here to view the episode transcript.
Additional Resources:
Threat Talks: https://threat-talks.com/
ON2IT (Zero Trust as a Service): https://on2it.net/
AMS-IX: https://www.ams-ix.net/ams
Anthropic MCP announcement: https://www.anthropic.com/news/model-context-protocol
OpenAI Tools/Connectors/MCP: https://platform.openai.com/docs/guides/tools-connectors-mcp
Kubernetes (kubectl): https://kubernetes.io/docs/reference/kubectl/
Reported Postmark MCP backdoor: https://thehackernews.com/2025/09/first-malicious-mcp-server-found.html
Shadow Escape zero-click research: https://www.globenewswire.com/news-release/2025/10/22/3171164/0/en/Operant-AI-Discovers-Shadow-Escape-The-First-Zero-Click-Agentic-Attack-via-MCP.html
If this saved you a breach, subscribe to Threat Talks and follow ON2IT for weekly Zero Trust moves. New episode next week.