XSLeak flaw in Slack could allow a malicious workspace member to launch de-anonymisation attacks

clock • 3 min read
XSLeak flaw in Slack could allow a malicious workspace member to launch de-anonymisation attacks
Image:

XSLeak flaw in Slack could allow a malicious workspace member to launch de-anonymisation attacks

Slack says users can prevent such attacks by ensuring that everyone in their workspace is 'trusted'

A security researcher claims to have uncovered a cross-site leak (XSLeak) flaw in the file-sharing feature of Slack's web application which could enable threat actors to identify users outside of t...

To continue reading this article...

Join Computing

  • Unlimited access to real-time news, analysis and opinion from the technology industry
  • Receive important and breaking news in our daily newsletter
  • Be the first to hear about our events and awards programmes
  • Join live member only interviews with IT leaders at the ‘IT Lounge’; your chance to ask your burning tech questions and have them answered
  • Access to the Computing Delta hub providing market intelligence and research
  • Receive our members-only newsletter with exclusive opinion pieces from senior IT Leaders

Join now

 

Already a Computing member?

Login

You may also like
EU opens disinformation probe against Meta as elections loom

Compliance

Comes as Meta closes key disinformation tracking tool

clock 01 May 2024 • 2 min read
Facebook chatbot claims to have a child with 'unique needs and abilities'

Social Networking

Moving fast and breaking things again

clock 19 April 2024 • 3 min read
EU watchdog rejects Meta's 'pay for privacy' attempt

Social Networking

Can't charge for data privacy

clock 19 April 2024 • 2 min read

More on Threats and Risks

Threat group 'systematically compromising Snowflake customer instances'

Threat group 'systematically compromising Snowflake customer instances'

165 organisations notified to date

Kyle Alspach
clock 11 June 2024 • 2 min read
Microsoft warns of potential Azure Service Tags misuse by hackers

Microsoft warns of potential Azure Service Tags misuse by hackers

Ten specific Azure services are currently identified as susceptible

clock 11 June 2024 • 2 min read
Microsoft overhauls Recall, makes it opt-in

Microsoft overhauls Recall, makes it opt-in

The move comes after security concerns from experts

clock 10 June 2024 • 3 min read