Slack is one of the most popular chat apps for work out there, and that happened well before the novel coronavirus pandemic forced millions of people to work from home. Salesforce’s announcement in early December that it paid $27.7 billion for the app further confirms the importance of Slack in the workplace. But it turns out something else started happening on Slack in mid-December, lasting for about a month. The Android version of the app stored login credentials in plain sight, which is the kind of security risk that could expose your Slack password to any other app on the device.