When Safe Models Merge into Danger: Exploiting Latent Vulnerabilities in LLM Fusion

Model merging has emerged as a powerful technique for combining specialized capabilities from multiple fine-tuned LLMs without additional training costs. However, the security implications of this widely-adopted practice remain critically underexplored. In this work, we reveal that model merging...

Retrofit: Continual Learning with Bounded Forgetting for Security Applications

Modern security analytics are increasingly powered by deep learning models, but their performance often degrades as threat landscapes evolve and data representations shift. While continual learning CL offers a promising paradigm to maintain model effectiveness, many approaches rely on full...

Consiglieres in the Shadow: Understanding the Use of Uncensored Large Language Models in Cybercrimes

The advancement of AI technologies, particularly Large Language Models LLMs, has transformed computing while introducing new security and privacy risks. Prior research shows that cybercriminals are increasingly leveraging uncensored LLMs ULLMs as backends for malicious services. Understanding the...

Merge Hijacking: Backdoor Attacks to Model Merging of Large Language Models

Model merging for Large Language Models LLMs directly fuses the parameters of different models finetuned on various tasks, creating a unified model for multi-domain tasks. However, due to potential vulnerabilities in models available on open-source platforms, model merging is susceptible to...