Daily Brief
Total articles found: 11822
| Date | Source | Category | Title | Summary |
|---|---|---|---|---|
| 2025-06-18 19:36:58 | theregister | DATA BREACH | Asana Resolves Data Leak in Experimental AI Integration | Asana identified and fixed a vulnerability in its Model Context Protocol (MCP) server, which had briefly allowed users to see data from other organizations. The issue led to a shutdown of the feature from June 5 to June 17 for maintenance and security checks. The MCP server, launched on May 1, enables users to connect Asana with external AI applications and use natural language to query enterprise data. The glitch was discovered on June 4, and Asana was proactive in communicating with affected customers and the public, though the number of impacted users was not disclosed. As a corrective measure, Asana reset all connections to the MCP server, requiring organizations to manually reconnect to continue using it. Security experts emphasized the importance of strict tenant isolation, least-privilege access, and thorough logging of LLM-generated queries to mitigate similar risks in the future. No evidence suggests that the exposed data was maliciously exploited, but the incident underscores the risks inherent in new technologies. |
| 2025-06-18 15:44:02 | thehackernews | MALWARE | New Malware Campaign Exploits Cloudflare for Stealthy RAT Delivery | A novel malware campaign, codenamed SERPENTINE#CLOUD by Securonix, uses Cloudflare Tunnel subdomains to host and distribute Remote Access Trojans (RATs). Attackers send phishing emails with payment or invoice themes containing malicious links to zipped documents that trigger the infection. The phishing emails lead to Windows shortcut (LNK) files that, once opened, start a multi-stage infection chain involving disguised Python-based shellcode loaders that execute entirely in memory. The malware retrieves additional stages via WebDAV from a Cloudflare Tunnel subdomain, using legitimate cloud services to evade detection and blocklisting. The Securonix report highlights the shifting tactics of the threat actors, who now favor LNK files over URL-based shortcuts, complicating defense against these attacks. Affected regions include the United States, the United Kingdom, Germany, and several other European and Asian countries. The identity and origin of the threat actors remain unclear, although their operations reflect a high level of English proficiency and sophisticated evasion techniques. The campaign demonstrates advanced social engineering and living-off-the-land techniques to maintain stealth and persistence. |
| 2025-06-18 15:16:24 | bleepingcomputer | MALWARE | Malware Campaign Targets Minecraft Mods to Steal Data | A malware campaign named "Stargazers" targets Minecraft players, using fake mods and cheats to install infostealers on Windows devices. The campaign exploits Minecraft's large modding community and uses platforms like GitHub to distribute malicious mods to a broad audience. Detected by Check Point Research, the operation has reached thousands of targets, as indicated by the view counts on the Pastebin links where malware payloads are hosted. The infostealers attempt to harvest Minecraft account tokens, Discord and Telegram tokens, and credentials from cryptocurrency wallets and various apps. The malware, which went undetected by antivirus engines, progresses through multiple stages, including a Java-based initial stealer and a more advanced .NET-based stealer named "44 CALIBER." Stolen data is exfiltrated via Discord webhooks, with some evidence pointing to Russian involvement in the campaign's operations. Check Point has released indicators of compromise to help identify and prevent attacks from this threat. Advice for Minecraft players includes using mods only from reputable sources and keeping separate accounts for testing new mods. |
| 2025-06-18 14:22:23 | thehackernews | MALWARE | Over 1,500 Minecraft Users Hit by Java Malware Campaign | A sophisticated malware campaign targeting Minecraft players has infected over 1,500 devices via malicious game mods on GitHub. The Java-based malware, attributed to the Stargazers Ghost Network, masquerades as popular Minecraft mods and cheats and deploys a multi-stage attack. Initial infection occurs when users download and execute a Java loader presented as a gameplay enhancement, which then installs additional stealers when the game is launched. The malware specifically targets and steals Discord and Minecraft credentials, as well as data from Telegram, various web browsers, cryptocurrency wallets, and other applications. Captured data is transmitted back to the attackers through a Discord webhook, underscoring the sophistication and stealth of the operation. Researchers suggest the involvement of a Russian-speaking threat actor, evidenced by language artifacts and time-zone indicators in the code. This incident highlights the risks of downloading third-party mods and the effectiveness of gaming communities as vectors for malware distribution. |
| 2025-06-18 14:12:34 | bleepingcomputer | CYBERCRIME | ChainLink Phishing Exploits Trust in Common Tools | ChainLink Phishing subverts the typical phishing model by using trusted enterprise tools and reputable domains, making these attacks difficult to detect. Attackers chain a series of credible-looking prompts on legitimate sites to deceive users into entering sensitive credentials, effectively bypassing conventional defenses. These attacks exploit the central role of browsers in daily business operations, an area that has traditionally lacked adequate protection. Keep Aware introduces a browser-based phishing protection tool that analyzes user behavior, form submissions, and site context to counter these threats. Unlike traditional phishing, which relies on recognizable red flags, ChainLink Phishing incorporates convincing elements such as CAPTCHAs and email authentication checks to appear legitimate. The security controls in most organizations fail to block these attacks because they pass through trusted domains and do not trigger malware detection. To address this threat, there is a growing need to shift the security focus from perimeter defense to real-time analysis of web pages and user interactions. |
| 2025-06-18 13:58:04 | bleepingcomputer | MALWARE | CISA Alerts on Linux Kernel Flaw Exploitation by Attackers | CISA has issued a warning to U.S. federal agencies about a critical vulnerability in the Linux kernel's OverlayFS subsystem, which could allow attackers to gain root privileges. The vulnerability, identified as CVE-2023-0386, was patched in January 2023, with public disclosure following two months later. Multiple proof-of-concept (PoC) exploits have been available on GitHub since May 2023, making exploitation easier. Widely used Linux distributions such as Debian, Red Hat, Ubuntu, and Amazon Linux are affected if they run a kernel version below 6.2. CISA has mandated that Federal Civilian Executive Branch (FCEB) agencies patch their systems by July 8 to safeguard against attacks exploiting this flaw, under Binding Operational Directive (BOD) 22-01 from November 2021. The warning underlines the importance of rapid and effective patch management for vulnerabilities that are frequently targeted by malicious actors. |
| 2025-06-18 13:46:15 | bleepingcomputer | DATA BREACH | Healthcare SaaS Firm Suffers Major Data Breach Affecting 5.4 Million | Episource, a U.S.-based healthcare services company, has reported a data breach impacting over 5 million people. The breach followed a cyberattack detected between January 27 and February 6, 2025, involving unauthorized data access and exfiltration. Sensitive health information was stolen, although no banking or payment information was compromised. The breach has been reported to the U.S. Department of Health and Human Services as affecting 5,418,866 individuals. Impacted parties are being notified directly by Episource; affected healthcare providers and insurers are not sending separate notices. Episource advises all impacted individuals to monitor their financial statements and health benefits for any unauthorized activity. The company is currently taking steps to secure its systems and prevent future incidents. |
| 2025-06-18 13:40:19 | theregister | MALWARE | Veeam Addresses Recurring Critical RCE Vulnerabilities in Backup Servers | Veeam issued patches for its third critical remote code execution (RCE) bug within a year, identified as CVE-2025-23121 and affecting domain-joined backup servers, and advised users to update urgently. The RCE vulnerability, with a CVSS v3 score of 9.9, is linked to the earlier bugs CVE-2025-23120 and CVE-2024-40711, all stemming from underlying issues with the BinaryFormatter component. Despite Veeam's efforts to mitigate the recurring deserialization flaws with an exclusion-list approach, watchTowr researchers deemed the method insufficient for protecting against such vulnerabilities. External researchers criticized Veeam's Chief Product Officer's claims of near-perfect mitigation, having easily uncovered additional exploitable elements. Veeam plans to remove the problematic BinaryFormatter in the forthcoming Version 13 of Backup & Replication, slated for a potential H2 2025 beta release, aiming to end this series of vulnerabilities. The recent update, B&R version 12.3.1.1139, not only addresses the newest critical RCE flaw but also resolves two other less severe issues. Several ransomware groups, including those behind Fog and Akira, exploited previous B&R vulnerabilities in attacks, with CISA confirming their exploitation in ransomware operations. |
| 2025-06-18 11:03:12 | thehackernews | MISCELLANEOUS | How Startups Can Achieve FedRAMP Authorization Efficiently | FedRAMP authorization is crucial for startups targeting the federal market, establishing trust from the outset. Far from a checkbox task, obtaining FedRAMP approval is an organizational shift demanding a strategic, comprehensive approach to security. Startups should align with the NIST 800-53 Rev. 5 Moderate baseline from the beginning to embed a security-first mindset and reduce later rework. Success in FedRAMP requires fostering a collaborative environment across functional teams, integrating security practices tightly within the organization. Maintain consistency in product architecture across commercial and federal offerings to minimize technical discrepancies and simplify audits. Consider the business implications of FedRAMP thoroughly; the process is costly, takes a long time, and needs strong commitment. Select partners strategically for navigating the FedRAMP landscape, ensuring they contribute effectively without compromising the process. Build robust internal capabilities to manage FedRAMP processes in-house, as outsourcing can increase risk and cost. |
| 2025-06-18 10:53:41 | thehackernews | MALWARE | Water Curse Exploits GitHub in Global Malware Campaign | Water Curse, a new threat actor, uses GitHub repositories to deploy sophisticated multistage malware capable of data theft and persistent access to infected systems. The campaign was first detected last month and employs weaponized repositories disguised as penetration testing tools. Malicious payloads, delivered via Visual Studio project files, initiate complex infection chains using obfuscated VBS and PowerShell scripts. The techniques include anti-debugging, privilege escalation, and suppression of host defenses to maintain long-term access on compromised machines. Water Curse appears financially motivated, focusing on credential theft, session hijacking, and the resale of illicit access, and its activity spans 76 GitHub accounts. The operation leverages legitimate infrastructure via services like Cloudflare and Telegram for stealthy, scalable attacks. Related malware activity, including AsyncRAT and various other trojans, has targeted organizations globally since early 2024. The ongoing campaign also uses invoice-themed phishing lures in Europe to discreetly deliver Sorillus RAT, reflecting a sophisticated blend of malicious techniques and tools. |
| 2025-06-18 10:10:31 | bleepingcomputer | MALWARE | BeyondTrust Issues Patches for High-Risk Remote Access Vulnerabilities | BeyondTrust has patched a high-severity flaw in its Remote Support and Privileged Remote Access products, identified as CVE-2025-5309, which allowed unauthenticated remote code execution. The vulnerability stemmed from a server-side template injection in the software's chat feature, potentially letting attackers execute arbitrary code on the server. All cloud-hosted RS/PRA instances were secured as of June 16, 2025, and on-premises users are advised to apply the security patch manually if they do not use automatic updates. Temporary mitigations include enabling SAML authentication for the Public Portal and enforcing the use of session keys while disabling the Representative List and Issue Submission Survey. BeyondTrust's earlier security breach, involving zero-day vulnerabilities, led to the compromise of 17 Remote Support SaaS instances and the subsequent theft of an API key. U.S. Treasury Department networks were compromised by Chinese state-backed hackers using BeyondTrust vulnerabilities, affecting sensitive national security information. |
| 2025-06-18 08:51:41 | bleepingcomputer | MALWARE | Critical Linux Security Flaws Pose Universal Threat; Immediate Patching Urged | New local privilege escalation vulnerabilities in major Linux distributions could allow attackers to gain root privileges. The flaws, identified as CVE-2025-6018 and CVE-2025-6019, affect systems running openSUSE Leap 15 and SUSE Linux Enterprise 15 via the PAM and libblockdev/udisks components. The udisks daemon vulnerability is of particular concern because udisks is present by default on nearly all Linux systems, making widespread exploitation possible. The Qualys Threat Research Unit, which discovered these vulnerabilities, has already developed and successfully tested proof-of-concept exploits. Security patches have been released, and administrators are strongly urged to apply them immediately to prevent potentially severe breaches. Unpatched systems are exposed to root access, agent tampering, persistence, and lateral movement across networks. Prior discoveries by Qualys researchers include multiple other critical Linux vulnerabilities, highlighting a recurring problem with default system configurations. |
| 2025-06-18 08:04:50 | theregister | MISCELLANEOUS | Bridging the Gap in Multi-Factor Authentication Deployment | Multi-factor authentication (MFA) is underused globally, with only 35% of businesses implementing it, leaving the rest exposed to credential-based attacks. MFA implementation challenges include financial constraints, technical complexity, and user confusion caused by multiple systems. Poorly configured MFA increases help desk burdens and security risks, as highlighted by the MGM Resorts attack, where social engineering bypassed MFA protections. Specops Software offers solutions such as Specops Secure Access, which simplifies MFA management across platforms and strengthens user authentication. Specops Secure Access integrates with Active Directory, supports scalability and redundancy, and offers features such as MFA fatigue protection. The platform's policy-driven approach tailors authentication requirements to location and network context to mitigate unauthorized access. Specops has played a critical role in recovery efforts, such as the resolution of the Kalix municipality ransomware attack, through efficient MFA-backed password resets. |
| 2025-06-18 07:31:51 | theregister | NATION STATE ACTIVITY | Amazon CISO Discusses Iranian Cyber Tactics Amid Israel Conflict | Iranian state-sponsored cyber activity has intensified since the conflict with Israel began, though its tactics remain unchanged. Amazon's Chief Information Security Officer (CISO), CJ Moses, observes increased espionage, data theft, and credential stealing without a pivot to more destructive attacks such as wiper malware. Unlike Russian cyber operations during the Ukraine conflict, Iranian cyber strategy has not shifted toward destructive capabilities, focusing instead on maintaining access to critical networks and systems. Amazon's threat intelligence team has not detected any destructive cyberattacks by Iranian groups since the conflict's onset. Alongside traditional threats, Moses highlighted how a new generation of "script kiddies" is using advanced AI to speed up attacks, transforming the threat landscape. AWS uses AI in network defense, running a network of AI-assisted honeypots (MadPot) to detect and analyze attacker behavior more effectively. Despite the rapid adoption of AI in cyberattacks, Iranian groups have shown less interest in agentic AI within their operations, in contrast to other criminal and nation-state actors monitored by Amazon. |
| 2025-06-18 07:16:55 | bleepingcomputer | DATA BREACH | Asana's AI Feature Flaw Exposes Customer Data Across Organizations | Asana alerted users to a data exposure caused by a flaw in its Model Context Protocol (MCP) feature. The flaw allowed data from one organization's Asana instance to be accessible to users of other organizations using the same MCP feature. The issue stemmed from a software bug, not an external hack, and persisted for over a month before detection. Exposed data could include task details, project metadata, team information, comments, and uploaded files, depending on user permissions. Asana, a project management SaaS platform, has over 130,000 paying customers worldwide. Affected entities are advised to review Asana logs, restrict LLM integration access, and pause certain AI functionality until further assessment. Approximately 1,000 customers were reportedly impacted, and Asana has resumed normal operations after temporarily taking the MCP server offline. |