back to article Slack quick to whack account hijack crack

Slack quickly squashed a potential account hijack bug hours after it was reported. Frans Rosén, a security researcher at Detectify, discovered a vulnerability in Slack that created a means for a malicious website to steal a user's Slack token, potentially seizing control of their account in the process. Slack fixed the bug in …

  1. MrT

    it's good to hear...

    ...when a company gets it. This sort of thing needs an award of some sort, as an antidote to all the 'up yours' responses and "we take security very seriously" empty canned statements from leaky megacorps.

    Design idea for the award - an exclamation mark, in purple...

  2. NoneSuch
    Thumb Up

    An extra months pay would motivate some and save the company many times that.

POST COMMENT House rules

Not a member of The Register? Create a new account here.

  • Enter your comment

  • Add an icon

Anonymous cowards cannot choose their icon

Biting the hand that feeds IT © 1998–2019