TEL AVIV, Israel and NEW YORK, May 28, 2026 (GLOBE NEWSWIRE) — Token Security, the leader in identity-first AI agent security, today announced that Yair Balilti, Security Research Team Leader, will present new vulnerability research at fwd:cloudsec North America on June 1, 2026, demonstrating how a chained exploit targeting automation platforms and serverless environments can escalate to a full Zapier AI platform account takeover.
For complete details on the research findings, visit: https://www.token.security/zapocalypse.
WHO:
Yair Balilti, Security Research Team Leader, Token Security, is an expert in vulnerability research and offensive security. He leads research focused on uncovering vulnerabilities in cloud-native and AI-driven systems, with a particular emphasis on how automation platforms and AI agents introduce new attack vectors.
WHAT:
Automation platforms and AI agents are increasingly acting as the high-privilege control layer of modern enterprises. As these systems gain access to APIs, credentials, and workflows, they also create new and poorly understood security risks. The research reveals how AI automation platforms are generating highly-privileged identities that are not being monitored or governed.
In this session, Balilti will deconstruct a multi-stage exploit chain targeting Zapier users that begins in a sandboxed Python environment and escalates into full AI platform account takeover. The research challenges common assumptions about serverless isolation and secret handling, demonstrating how attackers can recover sensitive credentials directly from memory and move laterally across integrated systems.
The session will cover:
- How hardcoded Model Context Protocol (MCP) keys and high-privilege tokens are exposed
- Why Python’s del keyword does not reliably sanitize sensitive environment variables
- How orphaned AWS STS tokens can be extracted from Lambda memory via /proc/self/mem
- A technique for API-only ECR image extraction
- A dependency poisoning attack leading to Stored XSS across thousands of integrations
Attendees will leave with:
- A technical checklist for auditing AI “code block” and automation features
- Strategies for identifying and eliminating orphaned secrets in serverless environments
- Best practices for securing automation platforms and AI agent-driven workflows
WHERE:
fwd:cloudsec North America. Room 1. Meydenbauer Center, Bellevue, Washington.
WHEN:
Monday, June 1, 2026 at 10:50 AM PDT
HOW:
To speak with Yair Balilti, contact Marc Gendron at [email protected], +1 617 877 7480.
About Token Security
Token Security accelerates the secure adoption of agentic AI by discovering AI agents across the enterprise, understanding their context and risk, and enforcing policies that govern their access and behavior. The platform provides continuous visibility, lifecycle management, and least-privilege enforcement to help organizations control autonomous AI agents operating across cloud, SaaS, and enterprise environments, eliminating blind spots, reducing risk, and ensuring compliance at scale.
Token Security is backed by Notable Capital, Crosspoint Capital, and TLV Partners. To learn more: token.security.
Media Contact:
Marc Gendron
Marc Gendron PR for Token Security
+1 617 877 7480
[email protected]
A photo accompanying this announcement is available at https://www.globenewswire.com/NewsRoom/AttachmentNg/6f098d3a-925b-4600-8587-da4c724c0ea1
