AMBER AI: Support Portal Takeover via Leaked API KEY
Thanks @khizer47 for the report. Insecure Zendesk API token hardcoded in a JS file, causing Support portals to lose control of administrator rights. We removed the dangerous token and controlled permissions by using a more secure OAuth token. An API key & associated email was hardcoded into a JS file...
Slack: Many Slack teams can be joined by abusing an improperly configured support@ inbox
@securinti informed us of support portals configured in manners which allowed for abuse. This is not an issue with Slack itself, but we were able to make a change to help mitigate this for such insecure configurations. Thank you!...