Cloud Security, Phishing

Phishing attacks prompt feature takedown

A computer screen displays a digital alert of an email phishing threat, accompanied by a striking red warning sign.

BleepingComputer reports that widely used cloud-based project management platform had its "Share Update" feature removed following its exploitation to facilitate the delivery of phishing emails from its email accounts disclosed by its customers earlier this week.

Intrusions misusing the Share Update functionality involved attackers purporting to be from "Human Resources" who leveraged the "[email protected]" email address to send messages seeking feedback for this year's employee evaluation or an acknowledgment of organizational "workplace sex policy," which include links redirecting to phishing forms. Attackers were able to leverage Share Update by providing a list of email addresses which would receive notifications, according to, which has already suspended the user behind the exploitation.

"This feature has no connection to data hosted on or access to any customer accounts or data. We have reached out and shared precautions with the email recipients of the phishing message," noted a spokesperson.

Get daily email updates

SC Media's daily must-read of the most current and pressing daily news

By clicking the Subscribe button below, you agree to SC Media Terms and Conditions and Privacy Policy.