How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production
An external threat actor in possession of a Google account could misuse this misconfiguration by using their own Google OAuth 2.0 bearer token to seize control of the cluster for follow-on exploitation.