BEGIN:VCALENDAR VERSION:2.0 PRODID:-//pretalx//pretalx.com//fwd-cloudsec-2026//speaker//3RKC7F BEGIN:VTIMEZONE TZID:PST BEGIN:STANDARD DTSTART:20001029T030000 RRULE:FREQ=YEARLY;BYDAY=-1SU;BYMONTH=10;UNTIL=20061029T100000Z TZNAME:PST TZOFFSETFROM:-0700 TZOFFSETTO:-0800 END:STANDARD BEGIN:STANDARD DTSTART:20071104T030000 RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=11 TZNAME:PST TZOFFSETFROM:-0700 TZOFFSETTO:-0800 END:STANDARD BEGIN:DAYLIGHT DTSTART:20000402T030000 RRULE:FREQ=YEARLY;BYDAY=1SU;BYMONTH=4;UNTIL=20060402T110000Z TZNAME:PDT TZOFFSETFROM:-0800 TZOFFSETTO:-0700 END:DAYLIGHT BEGIN:DAYLIGHT DTSTART:20070311T030000 RRULE:FREQ=YEARLY;BYDAY=2SU;BYMONTH=3 TZNAME:PDT TZOFFSETFROM:-0800 TZOFFSETTO:-0700 END:DAYLIGHT END:VTIMEZONE BEGIN:VEVENT UID:pretalx-fwd-cloudsec-2026-BM8CVU@pretalx.com DTSTART;TZID=PST:20260601T105000 DTEND;TZID=PST:20260601T113000 DESCRIPTION:Automation platforms and AI agents have become the high-privile ge nervous system of the modern enterprise. This session deconstructs a mu lti-stage exploit chain that began in a sandboxed Python environment and e scalated to a full platform account takeover (ATO). \n\nWe reveal why the common assumption that Python’s `del` keyword sanitizes environment vari ables is a dangerous fallacy\, demonstrating the recovery of "orphaned" ST S tokens directly from the Lambda heap via `/proc/self/mem`. We then detai l a technique for API-only ECR image extraction that circumvents Docker ru ntime monitoring to uncover hardcoded Model Context Protocol (MCP) keys an d high-privilege NPM tokens. The chain concludes with a Stored XSS via dep endency poisoning of a core design system\, impacting the authenticated se ssions of over 8\,000 third-party integrations. \n\nAttendees will leave w ith a technical checklist for auditing AI "code block" features and strate gies for identifying orphaned secrets in serverless memory. DTSTAMP:20260531T022351Z LOCATION:Room 1 SUMMARY:Zapocalypse: Compromising every Zapier user through a Lambda memory leak - Yair Balilti URL:https://pretalx.com/fwd-cloudsec-2026/talk/BM8CVU/ END:VEVENT END:VCALENDAR