ml-security
Safeguard articles tagged "ml-security" — guides, analysis, and best practices for software supply chain and application security.
7 articles
The Python pickle security model, explained
Python's own docs warn that unpickling can execute arbitrary code — yet pickle is still the default weight format behind millions of ML model downloads.
AI Data Poisoning Defense: Protecting Models from Tainted Data
You do not need to corrupt most of a training set to backdoor a model — recent research suggests a small, near-constant number of poisoned documents can be enough. Defense starts with treating data as a dependency.
PyTorch Lightning PyPI Compromise: A Software Supply Chain Attack Built to Drain ML Credentials
In April 2026, attackers pushed malicious versions of the lightning PyPI package and an npm intercom-client release, harvesting cloud, CI/CD, and GitHub credentials. Here is what happened and why ML tooling is now a prime supply chain target.
Fine-Tune Backdoor Insertion: Academic Research
A senior engineer's review of academic research on fine-tune backdoor insertion, from BadNets to sleeper agents, and how the findings translate to production ML.
Training Data Poisoning: Pipeline Defenses
A senior engineer's guide to training data poisoning defenses in 2026, from split-learning detection to provenance attestation and continuous pipeline monitoring.
How data poisoning attacks corrupt LLM behavior during tr...
A single expired domain and $60 can poison a training set. Here's how data poisoning attacks corrupt LLM behavior — and how Safeguard verifies training data before it ships.
AI-BOMs: Extending Bill-of-Materials Thinking to Machine ...
AI-BOMs extend SBOM discipline to machine learning models—tracking training data, weights, and lineage. Here's what they contain and why regulators now require them.