HomeIntelligenceBrief
BREACH BRIEF🔴 Critical ThreatIntel

Supply Chain Exploit Chain Gives Free Zapier Accounts Write Access to Core SDK Packages

Token Security uncovered a five‑stage exploit chain that let a free Zapier account publish malicious code to Zapier’s core SDK packages, potentially compromising every authenticated user session. The chain exploited known anti‑patterns in serverless runtime, AWS role permissions, container image handling, and NPM token management, underscoring critical supply‑chain risk for SaaS automation platforms.

LiveThreat™ Intelligence · 📅 May 28, 2026· 📰 helpnetsecurity.com
🔴
Severity
Critical
TI
Type
ThreatIntel
🎯
Confidence
High
🏢
Affected
2 sector(s)
Actions
4 recommended
📰
Source
helpnetsecurity.com

Supply Chain Exploit Chain Gives Free Zapier Accounts Write Access to Core SDK Packages

What Happened – Token Security disclosed a five‑stage exploit chain that let a free Zapier account obtain write privileges on Zapier’s public developer SDK packages and on internal packages loaded in every authenticated session. The chain leveraged known anti‑patterns across Zapier’s Code runtime, AWS Lambda, container image handling, and NPM token management.

Why It Matters for TPRM

  • Demonstrates how seemingly benign “free‑tier” functionality can become a vector for a supply‑chain compromise of a SaaS provider.
  • Highlights the risk of credential leakage in container images and the need for zero‑trust handling of build‑time secrets.
  • Shows that third‑party automation platforms can become a pivot point to compromise downstream customers’ data and workloads.

Who Is Affected – SaaS automation platforms, API providers, and any organization that integrates with Zapier (e.g., finance, marketing, HR, IT).

Recommended Actions

  • Review Zapier’s security posture and confirm remediation of the disclosed chain.
  • Audit all third‑party automation tools for similar token‑leakage anti‑patterns.
  • Enforce least‑privilege IAM roles for serverless functions and container registries.
  • Require vendors to disclose and rotate any build‑time secrets stored in image histories.

Technical Notes – The chain began in Zapier’s “Code by Zapier” feature (AWS Lambda). Improper scrubbing of environment variables allowed reading of live STS session tokens via /proc/self/mem. Those tokens granted read access to 1,111 ECR repositories, from which an image containing an NPM publish token was extracted. The token had write rights and bypassed 2FA, enabling malicious publishing of core SDK packages that load in every user session. Source: Help Net Security

📰 Original Source
https://www.helpnetsecurity.com/2026/05/28/token-security-zapier-exploit-chain/

This LiveThreat Intelligence Brief is an independent analysis. Read the original reporting at the link above.

From the Verisq platform · Vendor Risk Hub

This is the scenario continuous vendor monitoring is built to catch.

When a vendor is compromised, your SOC 2 vendor-management controls are what produce the audit trail showing you knew, assessed, and acted. The Verisq AI Trust Operations platform tracks that continuously.

Explore the Verisq AI Trust Operations platform →