Azure Active Directory Credentials Exposed via Public ASP.NET Configuration File
Summary
A publicly accessible ASP.NET Core configuration file (appsettings.json) leaked Azure Active Directory (AD) credentials, potentially allowing attackers to authenticate via Microsoft's OAuth 2.0 endpoints and infiltrate Azure cloud environments. The exposed credentials, ClientId and ClientSecret, could be used to compromise cloud accounts, steal data, and perform further intrusions. The misconfiguration highlights the risks of poor secrets management in cloud-native applications. The discovery was made by Resecurity's HUNTER team, who found the credentials exposed on the public Internet. The affected company has since closed the loophole. This incident underscores the critical need for enterprises to monitor and secure their cloud configurations to prevent similar breaches.
Timeline
- 02.09.2025 14:52 (1 article)
Azure AD Credentials Exposed via Public ASP.NET Configuration File
A publicly accessible ASP.NET Core configuration file (appsettings.json) leaked Azure AD credentials, allowing potential attackers to authenticate via Microsoft's OAuth 2.0 endpoints and infiltrate Azure cloud environments. The exposed credentials, ClientId and ClientSecret, could be used to compromise cloud accounts, steal data, and perform further intrusions. The affected company has closed the loophole, but the incident highlights the critical need for enterprises to monitor and secure their cloud configurations.
Sources:
- JSON Config File Leaks Azure ActiveDirectory Credentials — www.darkreading.com — 02.09.2025 14:52
Information Snippets
All snippets first reported 02.09.2025 14:52, from the single darkreading.com article listed under Timeline.
- The exposed credentials included Azure AD ClientId and ClientSecret.
- The appsettings.json file was publicly accessible over the Internet.
- Attackers could use the leaked credentials to authenticate against Azure AD and access protected endpoints.
- Potential malicious activities include data theft, privilege escalation, and deployment of malicious applications.
- The appsettings.json file typically contains sensitive data such as database connection strings, API keys, and cloud service credentials.
- Attackers can exploit the leak to enumerate users, groups, and directory roles in Azure AD.
- The incident highlights the risks of poor secrets management in cloud-native applications.
- Regular scanning, penetration tests, and code reviews are essential to prevent such exposures.
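The exposure described in the snippets above comes down to a secret stored as a literal in appsettings.json plus that file being reachable from the Internet. As an added example (not code from the incident, the affected company, Resecurity, or Microsoft), the Python below shows a constructed weak appsettings.json beside a hardened one, and a small scanner of the kind the "regular scanning and code reviews" snippet calls for: it walks the JSON tree, flags secret-like keys holding literal values and credentials embedded in connection strings, and reports them using ASP.NET Core's colon-separated key paths (for example AzureAd:ClientSecret). All values, the key-name patterns and the hardened variant are constructed assumptions.

```python
import json
import re
from typing import Any, List, Tuple

# Constructed sample of the weak configuration: the Azure AD app secret and a
# database password sit as literals in appsettings.json (the incident's pattern).
WEAK_APPSETTINGS = """
{
  "Logging": { "LogLevel": { "Default": "Information" } },
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "TenantId": "00000000-0000-0000-0000-000000000000",
    "ClientId": "11111111-1111-1111-1111-111111111111",
    "ClientSecret": "EXAMPLE~constructed.value.not.a.real.secret"
  },
  "ConnectionStrings": {
    "Default": "Server=db.internal;Database=app;User Id=app;Password=Pa55w0rd!;"
  }
}
"""

# Constructed hardened form: the ClientSecret key is absent (the app reads it at
# runtime from an environment variable, user-secrets in development, or a Key
# Vault provider) and the connection string carries no password.
HARDENED_APPSETTINGS = """
{
  "Logging": { "LogLevel": { "Default": "Information" } },
  "AzureAd": {
    "Instance": "https://login.microsoftonline.com/",
    "TenantId": "00000000-0000-0000-0000-000000000000",
    "ClientId": "11111111-1111-1111-1111-111111111111"
  },
  "ConnectionStrings": {
    "Default": "Server=db.internal;Database=app;Authentication=Active Directory Default;"
  }
}
"""

# Key names that should never hold a literal value in a deployed or committed config.
# (Assumed list; extend it to match the naming used in your own code base.)
SECRET_KEY_RE = re.compile(r"(secret|password|pwd|apikey|api_key|token|privatekey)", re.I)
# Connection-string fragments that embed a credential.
CONN_STR_SECRET_RE = re.compile(r"\b(password|pwd)\s*=\s*[^;]+", re.I)
# Values that are references or placeholders rather than real secrets.
PLACEHOLDER_RE = re.compile(r"^(\s*|\$\{[^}]*\}|<[^>]*>)$")


def find_secrets(node: Any, path: str = "") -> List[Tuple[str, str]]:
    """Recursively walk a parsed appsettings document and return (key path, reason)
    for every value that looks like a literal credential."""
    findings: List[Tuple[str, str]] = []
    if isinstance(node, dict):
        for key, value in node.items():
            child = f"{path}:{key}" if path else key  # ASP.NET Core "Section:Key" form
            if isinstance(value, str):
                if SECRET_KEY_RE.search(key) and not PLACEHOLDER_RE.match(value):
                    findings.append((child, "literal value under a secret-like key"))
                elif CONN_STR_SECRET_RE.search(value):
                    findings.append((child, "credential embedded in connection string"))
            else:
                findings.extend(find_secrets(value, child))
    elif isinstance(node, list):
        for i, value in enumerate(node):
            findings.extend(find_secrets(value, f"{path}[{i}]"))
    return findings


def scan_appsettings(text: str) -> List[Tuple[str, str]]:
    """Parse an appsettings.json document and report embedded secrets."""
    return find_secrets(json.loads(text))


if __name__ == "__main__":
    for label, doc in (("weak", WEAK_APPSETTINGS), ("hardened", HARDENED_APPSETTINGS)):
        findings = scan_appsettings(doc)
        print(f"{label}: {len(findings)} finding(s)")
        for key_path, reason in findings:
            print(f"  {key_path}: {reason}")
```

Leaving the ClientSecret key out of the hardened file entirely, rather than blanking it, means the application fails closed when the runtime secret source is missing instead of silently shipping an empty or stale value; using a certificate or managed identity for the app registration removes the client secret from the picture altogether. The scanner is meant to run in CI over every appsettings*.json in the repository and the deployment artifact, which is where the exposure described on this page would have been caught before the file reached a public web root.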
Similar Happenings
ForcedLeak Vulnerability in Salesforce Agentforce Exploited via AI Prompt Injection
A critical vulnerability in Salesforce Agentforce, named ForcedLeak, allowed attackers to exfiltrate sensitive CRM data through indirect prompt injection. The flaw affected organizations using Salesforce Agentforce with Web-to-Lead functionality enabled. The vulnerability was discovered and reported by Noma Security on July 28, 2025. Salesforce has since patched the issue and implemented additional security measures, including regaining control of an expired domain and preventing AI agent output from being sent to untrusted domains. The exploit involved manipulating the Description field in Web-to-Lead forms to execute malicious instructions, leading to data leakage. Salesforce has enforced a Trusted URL allowlist to mitigate the risk of similar attacks in the future. The ForcedLeak vulnerability is a critical vulnerability chain with a CVSS score of 9.4, described as a cross-site scripting (XSS) play for the AI era. The exploit involves embedding a malicious prompt in a Web-to-Lead form, which the AI agent processes, leading to data leakage. The attack could potentially lead to the exfiltration of internal communications, business strategy insights, and detailed customer information. Salesforce is addressing the root cause of the vulnerability by implementing more robust layers of defense for their models and agents.
GeoServer RCE Exploit Used in Federal Agency Breach
A U.S. federal civilian executive branch (FCEB) agency was breached in July 2024 after attackers exploited an unpatched GeoServer instance. The attackers gained initial access through a critical remote code execution (RCE) vulnerability (CVE-2024-36401) and moved laterally within the network, deploying web shells and scripts for persistence and privilege escalation. The breach remained undetected for three weeks until the agency's Endpoint Detection and Response (EDR) tool alerted the Security Operations Center (SOC). The attackers exploited the vulnerability in GeoServer, which was patched in June 2024 but remained unpatched in the agency's environment. They used brute force techniques for lateral movement and privilege escalation, accessing service accounts and deploying web shells like China Chopper. The breach highlights the importance of timely patching, continuous monitoring of EDR alerts, and comprehensive incident response plans. The attackers discovered the vulnerable GeoServer instances by conducting network scanning with Burp Suite. They exploited the vulnerability to gain access to a public-facing GeoServer instance and downloaded open-source scripts and tools for lateral movement. On July 24, 2024, the attackers exploited the same vulnerability to gain access to a second GeoServer instance and moved laterally to a Web server and SQL server, where they dropped web shells, including China Chopper. The attackers also used Stowaway for command-and-control (C2) traffic and attempted to exploit CVE-2016-5195 for privilege escalation. The agency's incident response plan was inadequate, and some public-facing resources lacked endpoint protection, allowing the breach to remain undetected for three weeks.
GitHub Strengthens npm Supply Chain Security with 2FA and Short-Lived Tokens
GitHub is implementing enhanced security measures to protect the npm ecosystem, including mandatory two-factor authentication (2FA) and short-lived tokens. These changes aim to mitigate supply chain attacks, such as the recent "s1ngularity", "GhostAction", and "Shai-Hulud" attacks, which involved a self-replicating worm and compromised thousands of accounts and private repositories. The measures include granular tokens with a seven-day expiration, trusted publishing using OpenID Connect (OIDC), and automatic generation of provenance attestations for packages. Additionally, GitHub is deprecating legacy tokens and TOTP 2FA, expanding trusted publishing options, and gradually rolling out these changes to minimize disruption. GitHub removed over 500 compromised packages and blocked new packages containing the Shai-Hulud malware's indicators of compromise. The company encourages npm maintainers to use npm trusted publishing and strengthen publishing settings to require 2FA. Ruby Central is also tightening governance of the RubyGems package manager to improve supply-chain protections.
ShadowLeak: Undetectable Email Theft via AI Agents
A new attack vector, dubbed ShadowLeak, allows hackers to invisibly steal emails from users who integrate AI agents like ChatGPT with their email inboxes. The attack exploits the lack of visibility into AI processing on cloud infrastructure, making it undetectable to the user. The vulnerability was discovered by Radware and reported to OpenAI, which addressed it in August 2025. The attack leverages an indirect prompt injection hidden in email HTML, using techniques like tiny fonts, white-on-white text, and layout tricks to remain unnoticed by the user; the AI agent processes the hidden malicious instructions and acts on them without user awareness, exfiltrating sensitive data to an attacker-controlled server. The attack can be extended to any connector that ChatGPT supports, including Box, Dropbox, GitHub, Google Drive, HubSpot, Microsoft Outlook, Notion, or SharePoint. ShadowLeak targets users who connect AI agents to their email inboxes, such as those using ChatGPT with Gmail. The exfiltration occurs directly within OpenAI's cloud environment, bypassing traditional security controls and leaving no trace on the user's network. OpenAI acknowledged and fixed the issue in August 2025, but the exact details of the fix remain unclear.
Critical deserialization flaw in GoAnywhere MFT (CVE-2025-10035) patched
Fortra has disclosed and patched a critical deserialization vulnerability (CVE-2025-10035) in GoAnywhere Managed File Transfer (MFT) software. This flaw, rated 10.0 on the CVSS scale, allows for arbitrary command execution if the system is publicly accessible over the internet. The vulnerability was actively exploited in the wild as early as September 10, 2025, a week before public disclosure. Fortra has released patches in versions 7.8.4 and 7.6.3. The flaw impacts the same license code path as the earlier CVE-2023-0669, which was widely exploited by multiple ransomware and APT groups in 2023, including LockBit. The vulnerability was discovered during a security check on September 11, 2025. Fortra advised customers to review configurations immediately and remove public access from the Admin Console. The Shadowserver Foundation is monitoring over 470 GoAnywhere MFT instances, but the number of patched instances is unknown. The flaw is highly dependent on systems being externally exposed to the internet. The exploitation sequence involved creating a backdoor account and uploading additional payloads, originating from an IP address flagged for brute-force attacks.