TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks

By Newsroom — January 18^th 2024 at 12:34

Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks. The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of TensorFlow releases on GitHub and PyPi by compromising TensorFlow's build agents via

FreshRSS

TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks