A bug in one of Asana's new AI features made user information accessible to other users for several weeks.
The Us Raat (2025) Hindi Web Seriescompany said the issue was resolved and it was not the result of a malicious hack. Instead, it appeared to be a logic flaw in its MCP (Model Context Protocol) server that was released on May 1, according to cybersecurity firm UpGuard (via BleepingComputer).
MCP is an open-source framework that enables AI assistants to interact with sites and apps. The introduction of Asana's MCP Server enabled companies to integrate AI features like summarization and natural language search from LLMs.
The rise of generative AI tools and new standards that enable interoperability for LLMs create new privacy issues and increased cybersecurity risk. MCP servers are a shiny new target for hackers, and there's also risk of prompt injection attacks, token theft, and a general increase in data leaks since MCPs request broad permission to function smoothly, according to a blog post from cybersecurity firm Pillar.
According to UpGuard, the bug "appears to have been part of this initial release," and was discovered by Asana on June 4. But during this time, Asana users working with the MCP server have been able to access information from other accounts' "projects, teams, tasks, and other Asana objects," according to an email reportedly sent to customers impacted.
In a statement to BleepingComputer, Asana said the bug impacted around 1,000 accounts. Asana has more than 130,000 companies using its project management platform, including some big companies like Uber, Spotify, and Airbnb. (Disclosure: Mashable's editorial team also uses Asana.)
Asana took the server offline and informed customers using the MCP server on June 16 about the bug. "As soon as the vulnerability was discovered, our teams immediately took the MCP server down and resolved the issue in our code," Asana said in its statement to BleepingComputer. Meanwhile, the company sent a contact form to customers potentially impacted to compile a full report of which companies may have had their data exposed.
It's unclear yet if there was any major data breach, but Asana advised companies to review their logs for MCP access and any information generated by their AI tools and report it to Asana if they find any data that doesn't belong to their company.
UPDATE: Jun. 18, 2025, 1:50 p.m. EDT Asana confirmed in a status update that the affected server was back online as of June 17.
Topics Cybersecurity Privacy
Sony launches new flagship XM6 headphones: Order them now
Too many celebs to count struggle with modern love in Netflix's 'Easy' trailer
Disney removes healthy gumbo recipe after Louisiana revolts
What the heck is going on with Drake, Kanye West and Kid Cudi?
Astronomers saw one galaxy impale another. The damage was an eye
Here's how much you'd have to pay to buy an iPhone 7 in India
Sweet little princess is terrified of Donald Trump
Isn't it obvious what happened to iPhone 7 Plus supplies?
Put Me In, Coach!
'Orange Is The New Black,' 'Mad Men' will soon be available on Vimeo
Gods of War
Baseball exec gets suspended for keeping secret medical records
World's biggest brands join forces to improve online ads
Nielsen to finally overhaul its dinosaur local TV ratings system next year
NYT Connections hints and answers for May 10: Tips to solve 'Connections' #699.
Mom and daughter's text convo about tampons rips into the patriarchy
Thought you'd buy yourself an iPhone 7 on Friday? Too bad, UK.
Not everyone is happy Jimmy Fallon messed with Donald Trump's hair
I'm a college professor. My advice to young people who feel hooked on tech
The many controversies of 'The Dr. Oz Show'
Tips and strategies to help you master every 'Overwatch' heroThis was the first time climate change has been discussed in a presidential debate since 2008Is Trump toast? Clinton scores a huge victory in the first debate.Elon Musk's SpaceX wants to take you to Mars starting in 2024Trump on cybersecurity: 'I have a son. He's 10 years old. He has computers.'Trump says Miss Universe winner Alicia Machado gained 'a massive amount of weight'Trump campaign unveils 'Crooked Hillary' Snapchat filter before debateThe entire Marlins team will wear No. 16 in José Fernandez tribute'Sad Bernie' sends the internet into a memeLisa Henson says digital characters can still feel like the Muppets we grew up withDonald Trump is not deleting tweets, despite claims to the contraryThe Hillary shimmy GIF that's perfect for when you're winning at lifeSprawling Typhoon Megi plows into Taiwan with howling winds, flooding rainsApple was never going to 'win' its WWDC keynoteTrump on cybersecurity: 'I have a son. He's 10 years old. He has computers.'Restaurant knows just how to advertise to terrible childrenBright blue burgers are here to fulfill your insatiable hunger for weird foodLisa Henson says digital characters can still feel like the Muppets we grew up withAmazon gives greenlight to 'I Love Dick,' 'JeanVoters are using YouTube for election news in ways you wouldn't expect Brilliant ad shows the impact of Japan's tsunami of 2011 that killed tens of thousands Kristen Stewart shaved her head and we're all just so happy for her Snapchat totally ruined its Marie Curie filter for International Women's Day, this is not good Chrissy Teigen tells the secrets of her phone and her most used emojis FBI director says 'there is no such thing as absolute privacy in America.' Welp. John Boyega has no time for Samuel L. Jackson's 'Get Out' criticism Maisie Williams thinks she looks like an emoji and she's sort of right SXSW Interactive is still the most valuable business weekend of the year New coral reefs study finally gives us some good news Watch NBA stars morph from rookies into vets in these mesmerizing GIFs You need to see this painstaking Lego recreation of a classic March Madness shot 2 major Switch problems Nintendo should fix before adding Netflix Who's Behind the Massive Wikileaks Dump? The CIA Would Like to Know These are some of the celebrities tweeting in honor of women today Donald Trump tweeted about International Women's Day and everyone's making the same joke Girls across the world: This is what 'being a woman' means to me Lessons for surviving the Trump presidency I learned from actual horror movies Why can't there be an International Men's Day? Bridget Trump lets rip Samantha Bee's tweet about Trump and 'A Day Without A Woman' totally nailed it Trump's favorite techie thinks there should be 'more open debate' on global warming
2.7395s , 10111.671875 kb
Copyright © 2025 Powered by 【Us Raat (2025) Hindi Web Series】,Co-creation Information Network