A bug in one of Asana's new AI features made user information accessible to other users for several weeks.
The company said the issue was resolved and it was not the result of a malicious hack. Instead, it appeared to be a logic flaw in its MCP (Model Context Protocol) server that was released on May 1, according to cybersecurity firm UpGuard (via BleepingComputer).
MCP is an open-source framework that enables AI assistants to interact with sites and apps. The introduction of Asana's MCP Server enabled companies to integrate AI features like summarization and natural language search from LLMs.
The rise of generative AI tools and new standards that enable interoperability for LLMs create new privacy issues and increased cybersecurity risk. MCP servers are a shiny new target for hackers, and there's also risk of prompt injection attacks, token theft, and a general increase in data leaks since MCPs request broad permission to function smoothly, according to a blog post from cybersecurity firm Pillar.
According to UpGuard, the bug "appears to have been part of this initial release," and was discovered by Asana on June 4. But during this time, Asana users working with the MCP server have been able to access information from other accounts' "projects, teams, tasks, and other Asana objects," according to an email reportedly sent to customers impacted.
In a statement to BleepingComputer, Asana said the bug impacted around 1,000 accounts. Asana has more than 130,000 companies using its project management platform, including some big companies like Uber, Spotify, and Airbnb. (Disclosure: Mashable's editorial team also uses Asana.)
Asana took the server offline and informed customers using the MCP server on June 16 about the bug. "As soon as the vulnerability was discovered, our teams immediately took the MCP server down and resolved the issue in our code," Asana said in its statement to BleepingComputer. Meanwhile, the company sent a contact form to customers potentially impacted to compile a full report of which companies may have had their data exposed.
It's unclear yet if there was any major data breach, but Asana advised companies to review their logs for MCP access and any information generated by their AI tools and report it to Asana if they find any data that doesn't belong to their company.
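The log review Asana advised could be run as a first pass like the sketch below, an added example that is not Asana's code or part of the original report. It keeps only MCP-originated records inside the May 1 to June 4 window and flags objects that sit outside your own workspaces; the JSON-lines layout, field names and workspace IDs are constructed assumptions, not Asana's actual log schema.

```python
import json
from datetime import datetime, timezone

# Exposure window from the article: server released May 1, bug found June 4 (2025).
WINDOW_START = datetime(2025, 5, 1, tzinfo=timezone.utc)
WINDOW_END = datetime(2025, 6, 4, 23, 59, 59, tzinfo=timezone.utc)

# Constructed sample records. The layout and every field name are assumptions
# made for illustration, not a real Asana export format.
SAMPLE_LOG = """\
{"ts": "2025-05-12T09:14:02Z", "client": "mcp", "tool": "search_tasks", "object_gid": "1001", "object_workspace": "ws-acme"}
{"ts": "2025-05-20T16:40:11Z", "client": "mcp", "tool": "get_project", "object_gid": "7731", "object_workspace": "ws-other"}
{"ts": "2025-05-21T08:00:00Z", "client": "web", "tool": "get_project", "object_gid": "7732", "object_workspace": "ws-other"}
{"ts": "2025-06-18T10:05:45Z", "client": "mcp", "tool": "get_task", "object_gid": "1002", "object_workspace": "ws-acme"}
not-json garbage line
{"ts": "2025-06-02T11:30:00Z", "client": "mcp", "tool": "get_task", "object_gid": "9120"}
"""

def triage(log_text, own_workspaces):
    """Return (foreign, unknown): in-window MCP records whose object belongs to
    another workspace, and records that cannot be attributed at all."""
    foreign, unknown = [], []
    for lineno, line in enumerate(log_text.splitlines(), 1):
        if not line.strip():
            continue
        try:
            rec = json.loads(line)
            ts = datetime.fromisoformat(rec["ts"].replace("Z", "+00:00"))
        except (ValueError, KeyError, TypeError, AttributeError):
            # Never drop a damaged line silently: it may hide an exposure.
            unknown.append((lineno, "unparseable"))
            continue
        if rec.get("client") != "mcp" or not (WINDOW_START <= ts <= WINDOW_END):
            continue
        ws = rec.get("object_workspace")
        if ws is None:
            unknown.append((lineno, rec.get("object_gid")))
        elif ws not in own_workspaces:
            foreign.append((lineno, rec.get("object_gid"), ws))
    return foreign, unknown

if __name__ == "__main__":
    foreign, unknown = triage(SAMPLE_LOG, {"ws-acme"})
    print("report to vendor:", foreign)
    print("needs manual review:", unknown)
```

Records that land in the second list still need a human look, since a missing workspace field says nothing about whose data was returned.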
UPDATE: Jun. 18, 2025, 1:50 p.m. EDT Asana confirmed in a status update that the affected server was back online as of June 17.