Full Account Takeover on an MCP OAuth Proxy: Why PKCE Can't Save You
TL;DR: Got an MCP OAuth proxy to hand me real production access tokens for any user who clicked one link. No fake login page. No cert warning. No MFA bypass. The victim actually signs in at the real S
hackt.us