Claude Code OAuth Tokens Vulnerable to Stealthy MCP Hijacking

Mitiga researchers have uncovered a critical vulnerability allowing attackers to silently hijack Claude Code’s Managed Code Platform (MCP) traffic. According to SecurityWeek, this attack vector enables the interception of OAuth tokens, granting persistent unauthorized access to connected SaaS platforms.

This isn’t just about stealing a session; it’s about establishing long-term control. By redirecting MCP traffic, an attacker can effectively man-in-the-middle the authentication flow, capturing tokens that can then be used to impersonate legitimate users and interact with other integrated SaaS applications. The stealthy nature of this attack means it can go undetected, allowing adversaries to maintain a foothold within an organization’s cloud environment.

The implications for defenders are significant. OAuth tokens are the keys to the kingdom in many cloud-native architectures. Their compromise, especially through a silent traffic redirection, bypasses many traditional perimeter defenses and identity controls. Organizations leveraging Claude Code for their SaaS integrations need to urgently reassess their security posture around MCP traffic and OAuth token handling.

What This Means For You

  • If your organization uses Claude Code and integrates it with other SaaS platforms, you need to immediately investigate your MCP traffic for any anomalies or unauthorized redirection. Review your OAuth token issuance and revocation policies. Assume tokens could be compromised and audit all activity from connected SaaS platforms for suspicious actions.
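One concrete way to act on the advice above (an added example, not part of the original article or of Mitiga's research): audit the remote MCP server entries in a Claude Code style configuration against an allowlist of expected hosts, flagging plaintext HTTP endpoints, unknown hosts and look-alike domains that could indicate redirected traffic. The `mcpServers` layout, the allowlist and the sample configuration are assumptions constructed for this example; check them against your own client's config file.

```python
import json
from urllib.parse import urlparse

# Hosts that MCP servers in this environment are expected to talk to
# (assumed allowlist, constructed for this example).
ALLOWED_HOSTS = {"mcp.example-saas.com", "mcp.internal.example.net"}

# Constructed sample in a "mcpServers" layout (assumed; verify against the
# real config file the client reads, e.g. a project .mcp.json).
SAMPLE_CONFIG = json.dumps({
    "mcpServers": {
        "crm":   {"type": "http", "url": "https://mcp.example-saas.com/mcp"},
        "wiki":  {"type": "http", "url": "http://mcp.internal.example.net/mcp"},
        "files": {"type": "http", "url": "https://mcp-example-saas.com/mcp"},
        "local": {"command": "npx", "args": ["-y", "some-local-server"]},
    }
})


def _canon(host: str) -> str:
    """Strip punctuation so 'mcp-example-saas.com' collides with 'mcp.example-saas.com'."""
    return "".join(c for c in host.lower() if c.isalnum())


def audit_mcp_config(config_text: str, allowed_hosts=ALLOWED_HOSTS) -> dict:
    """Return {server_name: [findings]} for every remote MCP server whose
    endpoint is not what the allowlist says it should be."""
    servers = json.loads(config_text).get("mcpServers", {})
    findings = {}
    for name, entry in servers.items():
        url = entry.get("url")
        if not url:  # stdio/local servers have no network endpoint to check
            continue
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        issues = []
        if parsed.scheme != "https":
            issues.append(f"plaintext scheme '{parsed.scheme}': tokens exposed on the wire")
        if host not in allowed_hosts:
            issues.append(f"host '{host}' not in allowlist")
            if any(_canon(host) == _canon(a) for a in allowed_hosts):
                issues.append("look-alike of an allowed host (possible redirection)")
        if issues:
            findings[name] = issues
    return findings


if __name__ == "__main__":
    for server, issues in audit_mcp_config(SAMPLE_CONFIG).items():
        print(f"[!] {server}: " + "; ".join(issues))
```

Run it against the real configuration file rather than `SAMPLE_CONFIG`, and pair the result with a review of OAuth grants and token activity on each flagged SaaS platform.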

Related ATT&CK Techniques

  • T1572 (Command and Control), severity: critical. Auto-generated detection rule "Claude Code MCP Traffic Redirection" (Sigma YAML). Source: Shimi's Cyber World

