Emerging Risks: Typosquatting in the MCP Ecosystem | UpGuard

This research report demonstrates that MCP servers are susceptible to typosquatting and brand impersonation: analysis of 18,000 Claude configuration files and registry audits found widespread misspellings and lookalike servers across registries (notably the large, unmoderated MCP.so), creating a realistic attack surface for supply-chain and remote-server compromises. The authors recommend stronger verification standards, curated registries, and organizational controls to ensure only trusted, verified MCP servers are used.