At times, we’ve come to you with stories about security researchers being paid thousands—and in some cases hundreds of thousands—of dollars by companies for finding critical bugs in well-known software or hardware. However, this time, the story is different. It’s about a company that was stingy, and that’s not cool.
According to Mashable and Bleeping Computer, Slack paid security researcher Oskars Vegeris $1,750 for finding and reporting a bug that would have allowed hackers to hijack a person’s computer. To do this, all a hacker needed to do was upload a file and share it with another Slack user or channel on the app’s desktop version.