Thursday detectify reported that thousands of developers building bots for the team collaboration tool Slack were exposing their login credentials in public GitHub repositories and tickets. However, The irony is that a lot of these bots are mostly fun 'weekend projects'.
Slack responded that they were now actively searching for publicly posted login credentials,
"and when we find any, we revoke the tokens and notify both the users who created them, as well as the owners of affected teams.”
Read detictify full article here.