Human error strikes again by exposing small and large companies to a new attack vector via Slack channels
http://i1-news.softpedia-static.com/images/fitted/340x180/slack-api-credentials-left-in-github-repos-open-new-doors-for-corporate-hacking.jpg
Apr 28, 2016 22:10 GMT · By Catalin Cimpanu Careless developers from companies around the world have forgotten to remove sensitive API access tokens from Slack bots uploaded on GitHub, security researchers from Detectify Labs reported today.
Security experts claim they've found over 1,500 Slack access tokens while scanning GitHub projects. Most of these tokens have been found in Slack bots, small apps that allow developers to automate various operations inside Slack channels.
Slack is one of today's most successful Silicon Valley companies, enabling users to create private or public chat rooms, on demand, to use for personal purposes or for their businesses.
Full Article