nwellinghoff 7 hours ago
How does a random user get a document in your notion instance?
memothon 5 hours ago
Lots of companies have automations with Zapier etc. to upload things like invoices or other documents directly to Notion. Or someone gets emailed a document with an exploit and they upload it.
simonw 5 hours ago
In this case by emailing you a PDF with a convincing title that you might want to share with your coworkers - the malicious instructions are hidden as white text on a white background. There are plenty of other possibilities though, especially once you start hooking up MCPs that can see public issue trackers or incoming emails.
cobertos 7 hours ago
People put all kinds of stuff in Notion. People use it as a DB. People catalog things they find online (web clipper). There are collaboration features. There are many ways.
Lalabadie 7 hours ago
The article gives a PDF document as an example, but depending on how links are opened and stored for Notion agents, threat actors could serve a different web page depending on the crawler/browser agent. That means any industry-known documentation that seems good for bookmarking can be a good target.