How the Sys:All Loophole Allowed Us To Penetrate GKE Clusters in Production

An external threat actor in possession of a Google account could misuse this misconfiguration by using their own Google OAuth 2.0 bearer token to seize control of the cluster for follow-on exploitation.