Bleeping Computer

Slack Bug Allowed Automating Account Takeover Attacks

Slack has fixed a security flaw that allowed hackers to automate the takeover of arbitrary accounts after stealing session cookies using an HTTP Request Smuggling CL ...
Threat Post

Critical Slack Bug Allows Access to Private Channels, Conversations

The RCE bug affects versions below 4.4 of the Slack desktop app. A critical vulnerability in the popular Slack collaboration app would allow remote code-execution (RCE). Attackers could gain full ...
Dark Reading

Slack Patches AI Bug That Let Attackers Steal Data From Private Channels

Salesforce's Slack Technologies has patched a flaw in Slack AI that could have allowed attackers to steal data from private Slack channels or perform secondary phishing within the collaboration ...