Well, you’re really going to love this expert blog post series on the flaws of MCPs and how they are exactly exploited. (I’m not the author) [0]
But as always in times of lots of hype, this gets no attention and no one cares.
That’s just blogvertising. The fact that you think that’s an expert take harms your credibility.
Those all appear to be thinly disguised sales pitches for their Tramlines product.
They also look to be selling the kind of filtering/guardrails solution that I argue in my talk doesn't actually work. (Update: that's a little unfair, I had a look and a bunch of their rules are at least deterministic, like making sure DELETE isn't present in a call made to a database MCP.)
If you're looking for credible sources on MCP and prompt security that aren't my blog, I strongly recommend https://embracethered.com/blog/