Zapier exploit chain shows how known anti

Source: Feeds2.Feedburner

Published:

<p>A five-stage exploit chain disclosed by Token Security researchers turned a free Zapier account into write access on Zapier’s public developer SDK packages and on internal packages that load in every authenticated zapier.com session. Each link in the chain was a known anti-pattern. The compositio

Read original article