removes “Share Update” feature abused for phishing attacks

Project management platform has removed its “Share Update” feature after threat actors abused it in phishing attacks. is a cloud-based project management platform that allows teams to organize and manage their work using automated workflows and dashboards. The platform is used by 225,000 customers, including Coca-Cola, Canva, LionsGate, Oxy, Compass, and Zippo.

On Tuesday, customers told BleepingComputer they were concerned that the company was compromised after receiving phishing emails from its email accounts.

These emails were sent using SendGrid and came from [email protected], passing SPF, DMARC, and DKIM authentication.

The phishing emails pretended to come from a “Human Resources” department, asking users to either acknowledge the “organization’s workplace sex policy” or submit feedback as part of a “2024 Employee Evaluation.”

A phishing email sent through
A phishing email sent through
Source: BleepingComputer

Embedded in the emails were links containing shortened URLs, such as, that led to phishing forms on The forms associated with these phishing campaigns have since been disabled, so BleepingComputer does not know what information was being collected.

After contacting about the phishing attacks earlier this week, they told BleepingComputer today that the attacks were conducted through their ‘Share Update’ feature.

“We were made aware of the misuse of a feature named “Share Update,” which allows users to share an update with someone who isn’t a member of their account,” a spokesperson told BleepingComputer.

“Unfortunately, a user misused this feature by sending a phishing message. We promptly suspended this user and removed the feature.”

“This feature has no connection to data hosted on or access to any customer accounts or data. We have reached out and shared precautions with the email recipients of the phishing message.” says that the threat actor abused this feature by inputting a list of email addresses to which a notification should be sent, which can include people outside of their organization.

When asked how many people received an email, they declined to answer for security reasons but said they contacted all recipients to warn them of the phishing emails.

For those who used the ‘Share Update’ feature, told BleepingComputer that it is under review and cannot provide a timeline for when or if the feature will be restored.

This content is being syndicated from Source link for documentation purpose. If you are the owner of the content and like it removed, kindly contact me here and I will remove the content.

Leave a Comment

Your email address will not be published. Required fields are marked *

Scroll to Top