◈ AI Security Intelligence ← All terms
Attack  ·  Glossary

Data Poisoning

Definition
An attack where an attacker corrupts the training data or input data used to build or run an AI model, causing the model to learn false patterns or outputs. The poisoned model then propagates the corruption to every user and application that depends on it.
Why it matters
Data poisoning is a supply-chain attack on the AI pipeline itself. Unlike code vulnerabilities that can be patched, a poisoned model must often be retrained from scratch. Large enterprises discover poisoning only after the model has already caused decisions based on corrupted information.
Demonstrated by recent findings
Shai-Hulud/Hades PyPI Supply-Chain Worm Targets AI/ML Packages with LLM Scanner Evasion and Credential-Wiper DaemonShai-Hulud/Hades Campaign: PyPI Supply-Chain Worm Injects AI Scanner-Evasion Prompts and Backdoors AI Coding Agent Configs
Findings on this topic (2)
AI Threats Expanding Attack Surface in Emerging Markets — New Attack Vectors Beyond Signature DetectionGoogle DeepMind Publishes 'AI Agent Traps' Taxonomy: Six Attack Categories Against Autonomous Agents
Track this in the live feed See how this plays out in real AI security and governance developments.
Open the feed →