Dependency confusion is a newly discovered logic flaw in the default way software development tools pull third-party packages from public and private repositories. Attackers can take advantage of this ...