image credit: Pixabay

Slack Flaw Allows Hackers to Steal, Manipulate Downloads

May 20, 2019


A recently patched vulnerability in the Slack desktop application for Windows can be exploited by malicious actors to steal and manipulate a targeted user’s downloaded files.

David Wells, a researcher at Tenable, discovered that version 3.3.7 of the Slack desktop app is affected by a download hijacking vulnerability that can be exploited by getting the targeted user to click on a specially crafted link pasted into a Slack channel. The security hole was patched by Slack with the release of version 3.4.0.

Read More on Security Week