cognitive cybersecurity intelligence

News and Analysis

Search

Tensorflow Supply Chain Compromise via Self-Hosted Runner Attack

Praetorian cybersecurity researchers have found a vulnerability in open-source machine learning platform TensorFlow that could allow an attacker to compromise its software supply chain. The flaw is due to CI/CD misconfigurations and could lead to a supply chain attack on TensorFlow releases by compromising TensorFlow’s build agents through a malicious pull request. The researchers reported the vulnerability to Google, who acknowledged it as a critical supply chain compromise vulnerability.

Source: securityboulevard.com –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts

How to Root Out Malicious Employees

Insider threats pose one of the largest security risks to organizations, and often go unnoticed or unaddressed. Malicious and negligent employees can commit devastating acts,