A critical remote-code-execution vulnerability affecting past versions of the Slack desktop app was disclosed on Friday after the software maker fixed its app. The behind-the-scenes wrangling leading up to the patch has prompted criticism regarding the size of the bug bounty reward for the vulnerability, and the persistent deployment of insecure Electron framework software.
Read full article on The Register