A Slack Bug Exposed Some Users’ Hashed Passwords for 5 Years

5 August 2022

When users created or revoked a link—known as a “Shared Invite Link”—that others could use to sign up for a given Slack workspace, the command also inadvertently transmitted the link creator’s hashed password to other members of that workspace. The flaw impacted the password of anyone who made or scrubbed a Shared Invite Link over a five-year period, between April 17, 2017, and July 17, 2022.

Read full article on Wired – Threat Level

Date:

5 August 2022

Categorie(s):

NEWS

Tag(s):

Bug, Exposed, Hashed, Passwords, Slack

How APIs Help To Improve Your Customers’ Experience [5 Tips]20 April 2024
Essential Cyber Security Plan for Small Business20 April 2024
Are PayPal’s Executives Looking Towards Re-Inventing the Product’s Identity?20 April 2024
Why A One-Size-Fits-All Approach No Longer Works For Modern Banking Clients20 April 2024
What Is Zero Trust Architecture All About?20 April 2024