all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

TensorFlow CI/CD Flaw Exposed Supply Chain to Poisoning Attacks

Add to bookmarks
Jan. 18, 2024, 12:34 p.m. | info@thehackernews.com (The Hacker News)

The Hacker News thehackernews.com

Continuous integration and continuous delivery (CI/CD) misconfigurations discovered in the open-source TensorFlow machine learning framework could have been exploited to orchestrate supply chain attacks.
The misconfigurations could be abused by an attacker to "conduct a supply chain compromise of TensorFlow releases on GitHub and PyPi by compromising TensorFlow's build agents via

attacker attacks build compromise continuous continuous delivery continuous integration delivery exploited exposed flaw framework github integration machine machine learning misconfigurations poisoning poisoning attacks pypi releases supply supply chain supply chain attacks supply chain compromise tensorflow

Visit resource

More from thehackernews.com / The Hacker News

Expert-Led Webinar - Uncovering Latest DDoS Tactics and Learn How to Fight Back an hour ago | thehackernews.com
address attacks back business +22
Hackers Increasingly Abusing Microsoft Graph API for Stealthy Malware Communications an hour ago | thehackernews.com
abusing aim amp api +25
New Guide Explains How to Eliminate the Risk of Shadow SaaS and Protect Corporate Data 3 hours ago | thehackernews.com
address applications business corporate +15
NSA, FBI Alert on N. Korean Hackers Spoofing Emails from Trusted Sources 4 hours ago | thehackernews.com
advisory agency alert cybersecurity +22
Google Announces Passkeys Adopted by Over 400 Million Accounts 7 hours ago | thehackernews.com
accounts easy fingerprint google +8
Four Critical Vulnerabilities Expose HPE Aruba Devices to RCE Attacks 9 hours ago | thehackernews.com
address aruba aruba networks arubaos +34
Popular Android Apps Like Xiaomi, WPS Office Vulnerable to File Overwrite Flaw 23 hours ago | thehackernews.com
android android apps app applications +32
Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million 1 day, 1 hour ago | thehackernews.com
attacks hacker national pay +10
When is One Vulnerability Scanner Not Enough? 1 day, 3 hours ago | thehackernews.com
antivirus antivirus software benefits concept +18

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Social Engineer For Reverse Engineering Exploit Study

@ Independent study | Remote
View on infosec-jobs.com

Offensive Security Engineer

@ Ivanti | United States, Remote
View on infosec-jobs.com

Senior Security Engineer I

@ Samsara | Remote - US
View on infosec-jobs.com

Senior Principal Information System Security Engineer

@ Chameleon Consulting Group | Herndon, VA
View on infosec-jobs.com

Junior Detections Engineer

@ Kandji | San Francisco
View on infosec-jobs.com

Data Security Engineer/ Architect - Remote United States

@ Stanley Black & Decker | Towson MD USA - 701 E Joppa Rd Bg 700
View on infosec-jobs.com
View more jobs