Infosecurity-magazine.com

#DEFCON: Electrovolt Exploits Against Electron Desktop Apps Exposed

Electron is a widely used open source technology for building applications, making it a particularly lucrative attack target. In a session at the DEFCON 30 security conference in Las Vegas, security ...
Engadget

Microsoft Teams has been storing authentication tokens in plaintext

Microsoft Teams stores authentication tokens in unencrypted plaintext mode, allowing attackers to potentially control communications within an organization, according to the security firm Vectra. The ...
Ars Technica

Microsoft Teams stores cleartext auth tokens, won’t be quickly patched

Microsoft’s Teams client stores users’ authentication tokens in an unprotected text format, potentially allowing attackers with local access to post messages and move laterally through an organization ...
Hackaday

This Week In Security: Discord, Chromium, And WordPress Forced Updates

[Masato Kinugawa] found a series of bugs that, when strung together, allowed remote code execution in the Discord desktop app. Discord’s desktop application is an Electron powered app, meaning it’s a ...