2 comments

[ 2.2 ms ] story [ 11.6 ms ] thread
The noteworthy bit:

"INFO: Cloud Security Alliance Publishes Second Research Note on AI/ML Supply Chain Risk The Cloud Security Alliance AI Safety Initiative published a research note on March 29 framing the TeamPCP campaign as a structural shift in adversary methodology -- from opportunistic typosquatting to deliberate pipeline compromise of trusted [AI/ML] packages."

I put AI/ML in square brackets because of:

https://news.ycombinator.com/item?id=47582220

Seems to be the wrong link. Was able to find the correct link but the one presented just routes to a guide on data exfiltration.