Publish Poisoned Models
Type: technique
Description: Adversaries may publish a poisoned model to a public location such as a model registry or code repository. The poisoned model may be a novel model or a poisoned variant of an existing open-source model. This model may be introduced to a victim system via ML supply chain compromise.
Version: 0.1.0
Created At: 2025-06-19 08:13:23 -0400
Last Modified At: 2025-06-19 08:13:23 -0400
External References
Related Objects
- --> Resource Development (tactic): Releasing maliciously altered machine learning models to disrupt downstream use or compromise systems.