Slack has patched a critical remote code execution vulnerability that could enable an attacker to execute arbitrary code in the desktop version of its collaboration software, researchers report. Oskars Vegeris, a security engineer at Evolution Gaming, discovered the flaw and privately shared it with Slack in January 2020 through HackerOne.
Read full article on Dark Reading