Mail.ru: [app-01.youdrive.club] RCE in CI/CD via dependency confusion

Dependency confusion allowed remote code execution in youdrive CI/CD pipeline as was demonstrated by researcher via creation of public npmjs.com package matching internal dependancy. I've extracted and saved the content of package.json file for further research during investigating the previous...