Slack users have been warned to take extra care when using the online collaboration service after researchers uncovered worrying security risks. According to an AT&T AlienLabs report, incoming ‘webhooks’, which are used to connect from third-party apps to post messages on Slack, can be hijacked to carry out phishing attacks. A compromised webhook not only allows unauthorized users to send messages to all the Slack channels, but it can also alter channel posting permissions.
Source: TechRadar
