CyberHappenings logo

Track cybersecurity events as they unfold. Sourced timelines. Filter, sort, and browse. Fast, privacy‑respecting. No invasive ads, no tracking.

AI Model Poisoning with Minimal Documents

First reported
Last updated
1 unique sources, 1 articles

Summary

Hide ▲

Researchers have demonstrated that it is possible to poison AI models of varying sizes using just 250 malicious documents. This finding challenges the previous assumption that a proportionally larger amount of poisoned data is required to manipulate larger models. The study involved injecting malicious documents into the training data of models ranging from 600 million to 13 billion parameters. The implications are significant for both developers of large language models and enterprises using fine-tuned models.

Timeline

  1. 22.10.2025 23:33 1 articles · 19h ago

    Researchers Demonstrate AI Model Poisoning with 250 Documents

    In a recent study, researchers from Anthropic, the UK AI Security Institute, and the Alan Turing Institute found that 250 poisoned documents were sufficient to backdoor AI models ranging from 600 million to 13 billion parameters. This challenges the previous assumption that larger models require proportionally more poisoned data. The study highlights the vulnerability of AI models during the training phase and the need for improved data protections.

    Show sources

Information Snippets

  • Researchers from Anthropic, the UK AI Security Institute, and the Alan Turing Institute successfully backdoored AI models using 250 poisoned documents.

    First reported: 22.10.2025 23:33
    1 source, 1 article
    Show sources
  • The study involved models ranging from 600 million to 13 billion parameters.

    First reported: 22.10.2025 23:33
    1 source, 1 article
    Show sources
  • The researchers found that 250 malicious documents were sufficient to backdoor models of all sizes tested.

    First reported: 22.10.2025 23:33
    1 source, 1 article
    Show sources
  • Data poisoning attacks involve injecting malicious data into a model's training dataset to manipulate its behavior.

    First reported: 22.10.2025 23:33
    1 source, 1 article
    Show sources
  • The study challenges the assumption that larger models require proportionally more poisoned data to be manipulated.

    First reported: 22.10.2025 23:33
    1 source, 1 article
    Show sources
  • The findings have implications for developers of large language models and enterprises using fine-tuned models.

    First reported: 22.10.2025 23:33
    1 source, 1 article
    Show sources