AI Sec Watch: A Security Intelligence Platform for AI Systems

Luu, T.J.

BadBone: Backdoor Attacks Against Backbone Models in Visual Prompt Learning

inforesearchPeer-Reviewed

securityresearch

Source: IEEE Xplore (Security & AI Journals)June 1, 2026

Summary

BadBone is a backdoor attack (a type of hidden vulnerability where an attacker secretly compromises a model to make it misbehave on specific tasks) that targets backbone models (large pre-trained neural networks that serve as the foundation for smaller AI systems) used in prompt learning (a technique where users guide AI behavior by providing example inputs called prompts). The attack is stealthy because it hides the backdoor in the backbone model rather than in the prompt learning process itself, so downstream tasks using prompt learning inherit the vulnerability while the model appears to work normally. Testing shows that current security defenses against backdoors are largely ineffective against BadBone, indicating the need for stronger protections.

Classification

Attack Type

Model Poisoning

Attack SophisticationAdvanced

Impact (CIA+S)

integritysafety

Related Issues

high

CVE-2024-37052: Deserialization of untrusted data can occur in versions of the MLflow platform running version 1.1.0 or newer, enabling

Similar attackNVD/CVE Database

info

Model Stability Defense Against Model Poisoning in Federated Learning

Monthly digest — independent AI security research

Original source: http://ieeexplore.ieee.org/document/11541233

First tracked: June 11, 2026 at 08:01 PM

Classified by LLM (prompt v3) · confidence: 92%