ZAPESCAPE: Vulnerability Disclosure Permalink
This document is the vulnerability disclosure report once the vulnerability was discovered.
Recent Posts
ZAPESCAPE: Organization-wide control over Code by Zapier Permalink
In the middle of March 2022, Zenity research team discovered a sandbox-escape vulnerability in Code by Zapier, a service used by Zapier to execute custom cod...
A Windows 11 Automation Tool Can Easily Be Hijacked Permalink
Hackers can use Microsoft’s Power Automate to push out ransomware and key loggers—if they get machine access first.
3 Ways No-Code Developers Can Shoot Themselves in the Foot Permalink
Low/no-code tools allow citizen developers to design creative solutions to address immediate problems, but without sufficient training and oversight, the tec...
Watch Out for User Impersonation in Low-Code/No-Code Apps Permalink
How a well-meaning employee could unwittingly share their identity with other users, causing a whole range of problems across IT, security, and the business.