cognitive cybersecurity intelligence

News and Analysis


Tensorflow Supply Chain Compromise via Self-Hosted Runner Attack

Praetorian cybersecurity researchers have found a vulnerability in open-source machine learning platform TensorFlow that could allow an attacker to compromise its software supply chain. The flaw is due to CI/CD misconfigurations and could lead to a supply chain attack on TensorFlow releases by compromising TensorFlow’s build agents through a malicious pull request. The researchers reported the vulnerability to Google, who acknowledged it as a critical supply chain compromise vulnerability.

Source: –

Subscribe to newsletter

Subscribe to HEAL Security Dispatch for the latest healthcare cybersecurity news and analysis.

More Posts