ClickUp is a organization tracked across 2 threat clusters and 3 intelligence report mentions on ThreatCluster. First observed April 28, 2026; most recent activity May 19, 2026.
A contractor for the U.S. Cybersecurity and Infrastructure Security Agency (CISA) left a public GitHub repository named 'Private-CISA' exposed for six months, containing sensitive credentials including AWS GovCloud…
A security vulnerability in ClickUp has led to the exposure of 959 email addresses associated with major Fortune 500 companies and government agencies. The issue arises from a hardcoded Split.io SDK token in ClickUp’s…