Bleeping Computer

Slack Bug Allowed Automating Account Takeover Attacks

Slack has fixed a security flaw that allowed hackers to automate the takeover of arbitrary accounts after stealing session cookies using an HTTP Request Smuggling CL ...
Threat Post

Critical Slack Bug Allows Access to Private Channels, Conversations

The RCE bug affects versions below 4.4 of the Slack desktop app. A critical vulnerability in the popular Slack collaboration app would allow remote code-execution (RCE). Attackers could gain full ...
PC Magazine

Slack Patches Windows App Bug That Could've Been Used for Spying

Slack Patches Windows App Bug That Could've Been Used for Spying The flaw involves Slack's Windows desktop app, and how it can automatically send downloaded files to a certain destination. A security ...
ZDNet

Slack bug granted hackers full access to accounts, messages

Slack has fixed a security flaw that let hackers steal user authentication tokens used to gain full and complete access to accounts and messages. Frans Rosén created a proof-of-concept exploit that ...