Bleeping Computer

Slack Bug Allowed Automating Account Takeover Attacks

Slack has fixed a security flaw that allowed hackers to automate the takeover of arbitrary accounts after stealing session cookies using an HTTP Request Smuggling CL ...
Threat Post

Critical Slack Bug Allows Access to Private Channels, Conversations

The RCE bug affects versions below 4.4 of the Slack desktop app. A critical vulnerability in the popular Slack collaboration app would allow remote code-execution (RCE). Attackers could gain full ...