Supply chain attacks possible with TensorFlow CI/CD misconfigurations

Supply chain attacks possible with TensorFlow CI/CD misconfigurations TensorFlow instances on GitHub and PyPi could have been subjected to supply chain attacks involving the exploitation of continuous integration and continuous delivery vulnerabilities within the open-source machine learning framework, reports The Hacker News.

attacks continuous continuous delivery continuous integration delivery devsecops exploitation framework github hacker integration machine machine learning misconfigurations pypi reports supply supply chain supply chain attacks tensorflow the hacker news third-party-code vulnerabilities