A newly disclosed exploit chain dubbed Zapocalypse demonstrates how a low-privilege code-execution feature within Zapier could have been chained into a supply chain attack path with platform-wide account takeover impact. Token Security said its researcher will present the full chain at fwd:cloudsec North America on June 1, 2026. The attack begins inside “Code by Zapier”, a legitimate product feature […]
The post Zapocalypse Attack Chain Enables Full Zapier Account Takeover appeared first on Cyber Security News.