Friday, May 10, 2024

Removes Share Update Feature as It Becomes Phishing Nest

 Project management platform has removed the "Share Update" feature after threat actors misused it in phishing attacks. is a cloud-based project management platform that allows teams to organize and manage their work using automated workflows and dashboards. The platform is used by 225,000 customers, including Coca-Cola, Canva, LionsGate, Oxy, Compass, and Zippo.

On Tuesday, customers informed BleepingComputer that they were concerned the company had been hacked after receiving phishing emails from their email accounts.

These phishing emails were sent using SendGrid and originated from, passing SPF, DMARC, and DKIM authentication.

The phishing emails pretended to come from the "Human Resources" department, asking users to acknowledge "organization workplace sex policies" or provide feedback as part of the "2024 Employee Evaluation."

Embedded in the email were links containing shortened URLs, such as, which led to a phishing form on The form associated with the phishing campaign has been disabled, so BleepingComputer does not know what information was collected.

After contacting about the phishing attack earlier this week, they informed BleepingComputer today that the attack was conducted through their 'Share Update' feature.

"We were notified of the abuse of a feature called 'Share Update,' which allows users to share updates with someone who is not a member of their account," a spokesperson told BleepingComputer.

"Unfortunately, a user misused this feature by sending a phishing message. We immediately suspended this user and removed the feature."

"This feature has no connection to the data hosted on or access to any customer accounts or data. We have reached out and shared preventive measures with the recipients of the phishing message."

 said threat actors abused this feature by inputting a list of email addresses to which notifications should be sent, which could include people outside their organization.

When asked how many people received the emails, they declined to answer for security reasons but said they had contacted all recipients to warn them about the phishing emails.
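Because the messages described above passed SPF, DKIM, and DMARC, authentication verdicts alone would not have flagged them. The following triage sketch is an added example, not code from the article or the vendor; it scores the content signals the article mentions (an internal-sounding display name on an external sender, an HR lure, a shortened link) independently of the authentication result. All domains, keyword lists, and the sample message are constructed assumptions.

```python
import re
from email import message_from_string
from email.utils import parseaddr
from urllib.parse import urlparse

# Constructed sample lists (assumptions, not indicators from the article).
SHORTENERS = {"bit.ly", "tinyurl.com", "short.example"}
LURE_TERMS = ("employee evaluation", "workplace", "policies")
INTERNAL_NAMES = ("human resources", "payroll", "it support")

# Constructed message: authenticated SaaS notification carrying an HR lure.
SAMPLE = """\
Authentication-Results: mx.corp.example; spf=pass smtp.mailfrom=saas.example; dkim=pass header.d=saas.example; dmarc=pass header.from=saas.example
From: "Human Resources" <notifications@saas.example>
To: alice@corp.example
Subject: Action required: 2024 Employee Evaluation

Please review and acknowledge: https://short.example/a1b2
"""

def auth_results(msg):
    """Collect spf/dkim/dmarc verdicts from Authentication-Results headers."""
    verdicts = {}
    for header in msg.get_all("Authentication-Results", []):
        for method, result in re.findall(r"\b(spf|dkim|dmarc)=(\w+)", header, re.I):
            verdicts.setdefault(method.lower(), result.lower())
    return verdicts

def triage(raw, org_domain):
    """Report content signals that stay valid even when authentication passes."""
    msg = message_from_string(raw)
    verdicts = auth_results(msg)
    auth_pass = all(verdicts.get(m) == "pass" for m in ("spf", "dkim", "dmarc"))
    text = " ".join(
        part.get_payload(decode=True).decode("utf-8", "replace")
        for part in msg.walk() if part.get_content_maintype() == "text")
    display, addr = parseaddr(msg.get("From", ""))
    sender_domain = addr.rpartition("@")[2].lower()
    hosts = {urlparse(u).hostname for u in re.findall(r"https?://[^\s\"'<>]+", text)}
    reasons = []
    if hosts & SHORTENERS:
        reasons.append("shortened-link")
    if any(t in f"{msg.get('Subject', '')} {text}".lower() for t in LURE_TERMS):
        reasons.append("hr-lure")
    if display.lower() in INTERNAL_NAMES and sender_domain != org_domain:
        reasons.append("internal-name-external-domain")
    # Authentication is reported but never used to suppress the content signals.
    return {"auth_pass": auth_pass, "reasons": reasons, "suspicious": len(reasons) >= 2}
```

Calling `triage(SAMPLE, "corp.example")` marks the message suspicious even though all three authentication checks pass.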


