Praetorian cybersecurity researchers have found a vulnerability in open-source machine learning platform TensorFlow that could allow an attacker to compromise its software supply chain. The flaw is due to CI/CD misconfigurations and could lead to a supply chain attack on TensorFlow releases by compromising TensorFlow’s build agents through a malicious pull request. The researchers reported the vulnerability to Google, who acknowledged it as a critical supply chain compromise vulnerability.
Nearly 250,000 Records From Tax Credit Consulting Agency Exposed
Summarize this content to a maximum of 60 words: Research has uncovered an unencrypted, non-password-protected database containing 245,949 records.
