Threat Post

Slack Plugs Token Security Hole

Slack fixes a security loophole that opened hundreds of corporate Slack accounts to the public. Popular collaboration and communication firm Slack rushed to plugged a security hole in its platform ...
PC World

Developers leak Slack access tokens on GitHub, putting sensitive business data at risk

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams’ internal chats and other data at risk. Slack has become ...
Threat Post

Slack Fixes Cross-Origin Token Theft Bug

The cloud-based collaboration tool Slack was quick to fix a bug earlier this month that could have let an attacker steal a user’s private Slack token. The cloud-based collaboration tool Slack was ...
Mashable

Ouch: Some Slack developers have been exposing corporate data

If you perform a very specific query in the search field of online code repository Github, where many Slack bot projects are stored, you can get info that potentially lets you access a trove of ...
Graham Cluley

Slack only took five hours to fix bug that could have allowed hackers to hijack your account

Frans Rosén, a security researcher at Detectify, has been awarded $3,000 from Slack after uncovering a serious vulnerability that could have helped hackers to seize control of users’ accounts. As ...
Computerworld

Devs leak Slack access tokens on GitHub, put sensitive business data at risk

Developers from hundreds of companies have included access tokens for their Slack accounts in public projects on GitHub, putting their teams’ internal chats and other data at risk. Slack has become ...