Definition
An attack in which an adversary hijacks a shared cloud resource (such as a storage bucket) to inject malicious code into a victim's machine learning model upload before it reaches production. When the poisoned model is deployed, it executes attacker-controlled code inside the infrastructure.
Why it matters
This allows attackers to compromise AI systems without ever gaining direct access to a victim's cloud account, turning infrastructure design flaws into enterprise-scale compromise vectors that affect multiple customers in shared environments.
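One mitigation for the tampering window in the definition above, as an added example that is not part of the original entry: the build host signs a manifest of the model bytes before they reach the shared bucket, and the deploy step verifies it before deserializing anything. The function names, manifest layout and demo key are assumptions made for illustration.

```python
import hashlib
import hmac
import json


def sign_manifest(artifact: bytes, name: str, key: bytes) -> dict:
    """Trusted build host: run BEFORE the artifact is written to shared staging."""
    body = json.dumps(
        {"name": name, "sha256": hashlib.sha256(artifact).hexdigest(),
         "size": len(artifact)},
        sort_keys=True,
    )
    tag = hmac.new(key, body.encode(), hashlib.sha256).hexdigest()
    return {"body": body, "tag": tag}


def verify_before_load(staged: bytes, name: str, manifest: dict, key: bytes) -> bool:
    """Deploy step: run on bytes read back from staging, before deserializing."""
    expected = hmac.new(key, manifest["body"].encode(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(expected, manifest["tag"]):
        return False  # manifest was rewritten by someone without the key
    claims = json.loads(manifest["body"])
    if claims["name"] != name or claims["size"] != len(staged):
        return False  # valid manifest, but for a different object
    actual = hashlib.sha256(staged).hexdigest()
    return hmac.compare_digest(claims["sha256"], actual)


def demo() -> dict:
    # Constructed sample data; the key stands in for one kept in a secret
    # store that writers to the shared bucket cannot read (assumption).
    key = b"constructed-demo-key"
    original = b"constructed model bytes"
    tampered = original + b" plus injected payload"
    manifest = sign_manifest(original, "model.bin", key)
    # An unkeyed hash stored beside the object can be overwritten along with
    # it. Model that: body rewritten to match the tampered bytes, old tag kept.
    forged = {
        "body": json.dumps({"name": "model.bin",
                            "sha256": hashlib.sha256(tampered).hexdigest(),
                            "size": len(tampered)}, sort_keys=True),
        "tag": manifest["tag"],
    }
    return {
        "clean": verify_before_load(original, "model.bin", manifest, key),
        "swapped_object": verify_before_load(tampered, "model.bin", manifest, key),
        "swapped_object_and_manifest": verify_before_load(tampered, "model.bin", forged, key),
    }
```

The check only holds if the signing key is unreachable from the shared resource; a key or bare checksum stored in the same bucket gives no protection against the party who can overwrite the model.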