Supabase MCP can leak your entire SQL database

｢ The cursor assistant operates the Supabase database with elevated access via the service_role, which bypasses all row-level security (RLS) protections. At the same time, it reads customer-submitted messages as part of its input. If one of those messages contains carefully crafted instructions, the assistant may interpret them as commands and execute SQL unintentionally ｣

https://simonwillison.net/2025/Jul/6/supabase-mcp-lethal-trifecta/

Supabase's MCP is vulnerable to "lethal trifecta" attacks where LLMs with elevated DB access, exposed to user input, can be tricked into leaking sensitive data. Read-only mode helps but doesn't eliminate risk.

https://simonwillison.net/2025/Jul/6/supabase-mcp-lethal-trifecta/

Breaking news: Supabase's new "Lethal Trifecta" feature ensures entire databases leak faster than a sieve ! With the innovative combo of LLM blunders, zero #security, and an express delivery system for #data breaches, it's a hacker's dream come true !
https://simonwillison.net/2025/Jul/6/supabase-mcp-lethal-trifecta/ #Supabase #Lethal #Trifecta #breach #database #hacker #news #HackerNews #ngated

Supabase MCP leaks your entire SQL Database, a lethal trifecta attack

https://simonwillison.net/2025/Jul/6/supabase-mcp-lethal-trifecta/

"#Supabase #MCP can leak your entire #SQL #database"

#Security #LLM

https://www.generalanalysis.com/blog/supabase-mcp-blog

Poor Man's Back End-as-a-Service (BaaS), Similar to Firebase/Supabase/Pocketbase

https://github.com/zserge/pennybase

KI #Chatbot erstellen mit #n8n und Wissensdatenbank (#RAG)!

https://www.youtube.com/watch?v=3XRRxUTVszU

@neurovagrant

> "Lovable, for instance, uses AI models to create websites instantly. But for websites to do much of anything, they need to be connected to databases that store things like user accounts and payment information. Lovable doesn’t build those databases itself. It offers users an easy way to connect to a database service run by a startup called #Supabase."

as someone with what qualifies as a category expert on postgres who dove into building an app w/supabase last year, all i can say is that nothing about this surprises me.

https://universeodon.com/@cryptadamist/114649803259853811

https://blog.gslin.org/archives/2025/06/11/12450/supabase-%e6%89%93%e7%ae%97%e8%a6%81%e9%96%8b%e7%99%bc-postgresql-%e4%b8%8a%e7%9a%84-vitess%ef%bc%9amultigres/

Supabase 打算要開發 PostgreSQL 上的 Vitess：Multigres

Reactを学習して、1ヶ月半で名刺アプリを作った話。
https://qiita.com/Tomoboo_319/items/4484c471744920b26252?utm_campaign=popular_items&utm_medium=feed&utm_source=popular_items

Supabase raises $200M Series D at $2B valuation
https://finance.yahoo.com/news/exclusive-supabase-raises-200-million-112154867.html
#ycombinator #Copplestone #Supabase #term_sheet #Gonzalo_Mocorrea #Arun_Mathew #Guillermo_Rauch

First-party integrations from the #Vercel #Marketplace are now available in #v0
 
Add a persistent data store like #Supabase, #Neon, or #Upstash to your v0 generations in just a few clicks

https://vercel.com/changelog/vercel-marketplace-integrations-now-available-in-v0

Bonjour les francophones

Vous avez des blocages ou des questions sur @silex ? Passez les poser en live pendant l'émission de vendredi: https://events.silex.me/

Le thème abordé avant les questions sera "Silex vs Weweb"

> #Silex pour les sites statiques avec du contenu dynamique
> #Weweb pour les webapps en mode IA
> Les deux ont des intégrations #supabase et #n8n

A vendredi 14h15 :)

New blog post! Dive into my guide on Self-Hosting Supabase with Docker and Traefik as a reverse proxy. Learn how to manage routing, SSL, and security for your Supabase stack on a VPS. Check it out! #Supabase #Docker #Traefik #DevOps

https://flori.dev/reads/supabase-self-host-docker-traefik-reverse-proxy

looking at building a #fullstack web application and looking at my options for #rad #development of the frontend. I'm thinking of using #supabase for the #backend.

It's a fairly simple #CRUD app - or maybe a SCRUD or CRUDS app? The S being for #search

I'd pondering everything from a #lowcode tool to various #frameworks / #libraries - e.g. #react, #vue, #htmx, #materialui, etc.

Thoughts, recommendations?

Rate limiting in Supabase? Cron UI? Get it in #2 of my newsletter

https://news.supa.guide/p/2-rate-limiting-with-supabase-and-a-cron-ui

Unlocking Supabase: How to Self-Host for Just $3 a Month

Imagine running your own Supabase instance for less than the price of a coffee! With the rise of self-hosting, tech enthusiasts can now leverage powerful database solutions without breaking the bank. ...

https://news.lavx.hu/article/unlocking-supabase-how-to-self-host-for-just-3-a-month

My new #iOS app is live. It’s my biggest pet project so far, and it took 6 months to make. BookRPG is a book-tracking app with gamification and social media elements.

Tech stack: #SwiftUI #Supabase #OpenLibrary API

https://apps.apple.com/us/app/bookrpg/id6654914538

Trying out #postgrest with #csharp and the #supabase client. This might be a nice "quick and easy" way to spin up demo APIs for workshops or tutorials around #aspnetcore.

All runs locally off of #postgres #database. Pretty neat stuff for #dotnet devs.