Malicious Fine-tuning Data - ATR-2026-00073 (3964ef51-6973-5f00-bdc4-5fe689c9612d)

Detects poisoned fine-tuning datasets that contain instruction-following backdoors, trigger phrases, or behavior-modifying training examples. Attackers inject carefully crafted training samples that teach the model to respond to specific trigger inputs with malicious behaviors such as bypassing safety filters, exfiltrating data, or executing unauthorized actions. This rule inspects fine-tuning data uploads and training example submissions.

| Cluster A | Galaxy A | Cluster B | Galaxy B | Level |
| --- | --- | --- | --- | --- |
| Poison Training Data (0ec538ca-589b-4e42-bcaa-06097a0d679f) | MITRE ATLAS Attack Pattern | Malicious Fine-tuning Data - ATR-2026-00073 (3964ef51-6973-5f00-bdc4-5fe689c9612d) | Agent Threat Rules | 1 |
| Malicious Fine-tuning Data - ATR-2026-00073 (3964ef51-6973-5f00-bdc4-5fe689c9612d) | Agent Threat Rules | Backdoor ML Model (c704a49c-abf0-4258-9919-a862b1865469) | MITRE ATLAS Attack Pattern | 1 |