1 in 15 MCP Servers are Lookalikes: Is Your Org at Risk? | UpGuard

This report analyzes widespread typosquatting and weak governance across MCP registries (18,000 developer files reviewed), describes how attackers exploit lookalike servers, and provides a four‑month case study of the SmartLoader supply‑chain campaign that trojanized an Oura Ring MCP server to deliver the StealC infostealer which exfiltrated credentials and secrets; it concludes with immediate operational mitigations for developer teams.