2 matches found
Patcher: Post-Hoc Patching of Backdoored Large Language Models
Large language models remain vulnerable to jailbreak backdoor attacks, where adversaries poison safety alignment data to embed hidden triggers that bypass safety mechanisms. Existing defenses often require comprehensive attack information or multiple triggered examples, making them impractical wh...
From .pth to p0wned: Abuse of Pickle Files in AI Model Supply Chains
Executive summary Recent threat research highlights a growing risk in the Python and machine learning ML ecosystem: the exploitation of serialized model files, specifically those using Python’s pickle module. While commonly used for saving and loading ML models, pickle files can execute arbitrary...