Praetorian cybersecurity researchers have found a vulnerability in open-source machine learning platform TensorFlow that could allow an attacker to compromise its software supply chain. The flaw is due to CI/CD misconfigurations and could lead to a supply chain attack on TensorFlow releases by compromising TensorFlow’s build agents through a malicious pull request. The researchers reported the vulnerability to Google, who acknowledged it as a critical supply chain compromise vulnerability.

BioShocking Attack Uses Fake Games To Hijack AI Browsers And Leak Data – HotHardware
BioShocking Attack Uses Fake Games To Hijack AI Browsers And Leak Data HotHardware


