Set as Homepage - Add to Favorites

【Secret Confessions (2025) Wifey's BFF Episode 48】

Source:Miracle Information Network Editor:Science Time:2025-06-26 09:47:37

A bug in one of Asana's new AI features made user information accessible to other users for several weeks.

The Secret Confessions (2025) Wifey's BFF Episode 48company said the issue was resolved and it was not the result of a malicious hack. Instead, it appeared to be a logic flaw in its MCP (Model Context Protocol) server that was released on May 1, according to cybersecurity firm UpGuard (via BleepingComputer).

MCP is an open-source framework that enables AI assistants to interact with sites and apps. The introduction of Asana's MCP Server enabled companies to integrate AI features like summarization and natural language search from LLMs.

You May Also Like
SEE ALSO: 'Your Year in Asana' is a reminder of all the work you did (or didn’t do)

The rise of generative AI tools and new standards that enable interoperability for LLMs create new privacy issues and increased cybersecurity risk. MCP servers are a shiny new target for hackers, and there's also risk of prompt injection attacks, token theft, and a general increase in data leaks since MCPs request broad permission to function smoothly, according to a blog post from cybersecurity firm Pillar.

Mashable Light Speed Want more out-of-this world tech, space and science stories? Sign up for Mashable's weekly Light Speed newsletter. By clicking Sign Me Up, you confirm you are 16+ and agree to our Terms of Use and Privacy Policy. Thanks for signing up!

According to UpGuard, the bug "appears to have been part of this initial release," and was discovered by Asana on June 4. But during this time, Asana users working with the MCP server have been able to access information from other accounts' "projects, teams, tasks, and other Asana objects," according to an email reportedly sent to customers impacted.

In a statement to BleepingComputer, Asana said the bug impacted around 1,000 accounts. Asana has more than 130,000 companies using its project management platform, including some big companies like Uber, Spotify, and Airbnb. (Disclosure: Mashable's editorial team also uses Asana.)

Asana took the server offline and informed customers using the MCP server on June 16 about the bug. "As soon as the vulnerability was discovered, our teams immediately took the MCP server down and resolved the issue in our code," Asana said in its statement to BleepingComputer. Meanwhile, the company sent a contact form to customers potentially impacted to compile a full report of which companies may have had their data exposed.

It's unclear yet if there was any major data breach, but Asana advised companies to review their logs for MCP access and any information generated by their AI tools and report it to Asana if they find any data that doesn't belong to their company.

UPDATE: Jun. 18, 2025, 1:50 p.m. EDT Asana confirmed in a status update that the affected server was back online as of June 17.

Topics Cybersecurity Privacy

Previous:The best day to book your flight, according to Google

Next:Testing Windows 10 Performance Before and After the Meltdown Flaw Emergency Patch

Related Articles
Related Recommendations
Categories
Latest Articles
Popular Articles
Hot Recommendations
Featured Column

Quick Links

Houston's local businesses pitch in as Harvey's flooding wreaks havocWhy the Mayweather vs. McGregor fight is so gross'Game of Thrones' Season 7 finale: Who will die?'Overwatch' director shames a forum troll using the most brutal weapon of all: FactsOne deliciously nerdy 'Destiny 2' change will cut down on so much dumb tediumJubilite is the colorful lamp getting girls involved in STEMGuy sues Showtime because he says stream quality of MayweatherAmazon is already slashing Whole Foods prices by up to 43%All the outSocial media is helping police make arrests related to the violence in Charlottesville16 times people were brilliantly trolled using AirDropThis interactive map will tell you when to look for peak fall foliage in your areaOne deliciously nerdy 'Destiny 2' change will cut down on so much dumb tediumFacebook is going after one of the big ways fake news spreads'Game of Thrones' Season 7 finale: Sansa Stark MVPFacebook is going after one of the big ways fake news spreadsTobe Hooper, architect of the original 'Texas Chainsaw Massacre,' is dead at 74Elon Musk shows off the Boring Company's tunnel with a Tesla insideOne deliciously nerdy 'Destiny 2' change will cut down on so much dumb tediumThese Houston rescuers will temporarily restore your faith in humanity Kim Kardashian sticks up for Khloe in a tweet targeting Lamar Odom UK's new loneliness minister will combat a serious health threat Ariana Grande's 'Fortnite' concert is a genuinely good time Tide Pod pizza marks the saturation point for a dumb viral meme Alison Brie addresses sexual misconduct accusations against brother Uber, Lyft prices keep climbing to new highs, report finds Google will make it easier for kids and teens to remove photos from Google search Scarlett Johansson brilliantly called out James Franco during her Women's March speech A hotel has banned all bloggers after an escalating feud with this YouTuber The White House turned a shutdown away message into a political attack Supreme Patty: The obnoxious Instagram star you've never heard of People think Millie Bobby Brown is a doppelgänger for young Natalie Portman TikTok's new privacy features make teens think about their decisions WhatsApp won't use Apple's child abuse image scanner Stunning photo of Jupiter's largest moon marks 10 years for Juno probe Tesla officially pushes back Cybertruck production to 2022 Philadelphia goes wild after the Eagles make it to the Super Bowl These cricket commentators had no idea who Donkey Kong was WhatsApp now allows you to move chat history between Android and iOS Judge slams USA Gymnastics doctor for saying victim statements about abuse hurt his mental health

2.6902s , 8204.984375 kb

Copyright © 2025 Powered by 【Secret Confessions (2025) Wifey's BFF Episode 48】,Miracle Information Network  

Sitemap

Top

Quick Links