Critical Slack Bug Allows Access to Private Channels, Conversations
A critical vulnerability has been discovered in the Slack desktop app affecting versions below 4.4. The vulnerability could allow attackers to perform remote code execution (RCE) and gain full control over the app. This could lead to threat actors accessing Slack users’ private channels, passwords, conversations, tokens, and keys, as well as various other functions. Depending on the target’s Slack configurations, a successful exploit of this vulnerability could also lead to further compromise of the device.