Актуальные события
神秘俄军战士"万尼亚大叔"率突击队成功突围伏击圈14:57
。WhatsApp 網頁版对此有专业解读
The vulnerable code uses attacker-controlled input (the list of changed files under documentation/rules in the PR), and interpolates it in a Bash script. In the context of our malicious PRs, this meant that line 18 of the code snippet evaluated to the following, which triggered code execution:
全俄经济商业市场资本社会领域不动产城市环境气候与生态营商环境
"While climate discussions continue, I can only share personal observations.