Package Managers -- Dependency Confusion

There is an interesting blog post today about dependency confusion (when private packages are registered publicly) as a security challenge.