RogueMerge – Adversarial Attacks on LLM Model Merging
RogueMerge is a research framework demonstrating that adversarial task vectors can be injected into LLM model merging pipelines, enabling supply-chain-style attacks on merged models. It reportedly generalizes beyond prior backdoor-only work to cover diverse downstream threats. Strategic importance lies in its implications for enterprise AI supply chain risk and emerging model registry liability.
Importance: 72% | Confidence: 78% | Mentions: 1 | Updated: June 6, 2026
### Overview
RogueMerge is a research framework introducing adversarial attack strategies against LLM model merging pipelines (arXiv:2606.03344). Model merging composes specialized capabilities into a single LLM by aggregating task vectors (the weight deltas between a fine-tuned checkpoint and the shared base model it was trained from), and in practice these vectors are commonly downloaded from unverified public platforms, according to the paper.
### Core Threat Model
The framework reportedly identifies a critical supply-chain attack surface: any malicious behavior can be encoded into a task vector, and merging grants third-party vectors direct write access to the model weights, so an attacker-provided task vector may enable or amplify diverse downstream threats in the merged model (arXiv:2606.03344). Prior work studied only backdoor attacks against classifiers and relied on static arithmetic heuristics, which the authors contend fail to generalize.
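The following is an added illustration of the merge mechanics the Overview and Core Threat Model describe, not code from the RogueMerge paper. It uses a constructed four-parameter "model" with task-arithmetic merging (theta_merged = theta_base + scale * sum of task vectors, where each task vector is a fine-tuned checkpoint minus the base). Two benign specialists are merged with two attacker-supplied checkpoints; a hypothetical registry-side norm screen (my own check, not the paper's) catches the loud one, while the stealthy one passes and its delta lands, scaled, in the merged weights exactly as the attacker wrote it.

```python
from typing import Dict, List

Weights = List[float]

# Constructed toy data: a four-parameter "model" stands in for a real
# checkpoint; the merge rule below is the same one applied to real tensors.
BASE: Weights = [1.0, -0.5, 0.25, 0.0]


def task_vector(fine_tuned: Weights, base: Weights) -> Weights:
    """Task vector tau = theta_fine_tuned - theta_base (task arithmetic)."""
    if len(fine_tuned) != len(base):
        raise ValueError("shape mismatch between checkpoint and base")
    return [f - b for f, b in zip(fine_tuned, base)]


def merge(base: Weights, vectors: Dict[str, Weights], scale: float = 0.5) -> Weights:
    """Task-arithmetic merge: theta_merged = theta_base + scale * sum(tau_i).

    Every vector is added straight into the weights; nothing in this step can
    distinguish a benign specialist delta from an attacker-crafted one."""
    merged = list(base)
    for name, tau in vectors.items():
        if len(tau) != len(base):
            raise ValueError(f"{name}: shape mismatch")
        for i, d in enumerate(tau):
            merged[i] += scale * d
    return merged


def l2_norm(v: Weights) -> float:
    return sum(x * x for x in v) ** 0.5


def screen_by_norm(vectors: Dict[str, Weights], max_ratio: float = 3.0) -> Dict[str, bool]:
    """Hypothetical registry-side sanity check (not from the paper): flag any
    task vector whose L2 norm exceeds max_ratio times the median norm of the
    set. Specialists fine-tuned from one base usually have deltas of similar
    magnitude, so a wild outlier deserves inspection. A flag is a reason to
    look, not proof of malice, and a scale-matched vector is never flagged."""
    norms = {name: l2_norm(v) for name, v in vectors.items()}
    ordered = sorted(norms.values())
    median = ordered[len(ordered) // 2]
    return {name: n > max_ratio * median for name, n in norms.items()}


def demo() -> dict:
    """Merge two benign specialists with two attacker-supplied checkpoints."""
    # Benign specialists, given directly as deltas from BASE (constructed).
    benign = {
        "math": [0.125, 0.0, -0.25, 0.0],
        "code": [0.0, 0.25, 0.125, 0.0],
    }
    # Attacker 1 publishes a checkpoint with a large, obvious delta.
    loud_ckpt = [1.0, -0.5, 0.25, 4.0]
    # Attacker 2 keeps the delta as small as the benign specialists' deltas.
    stealth_ckpt = [1.0, -0.5, 0.25, 0.125]

    # The consumer derives task vectors from the downloaded checkpoints.
    candidates = dict(benign)
    candidates["loud"] = task_vector(loud_ckpt, BASE)
    candidates["stealth"] = task_vector(stealth_ckpt, BASE)

    flags = screen_by_norm(candidates)
    accepted = {n: v for n, v in candidates.items() if not flags[n]}

    merged = merge(BASE, accepted)
    # The merge is linear, so the attacker's exact contribution to the final
    # weights is merge(accepted) - merge(benign only) = scale * tau_stealth.
    benign_only = merge(BASE, benign)
    attacker_write = [m - b for m, b in zip(merged, benign_only)]
    return {"flags": flags, "accepted": sorted(accepted), "merged": merged,
            "attacker_write": attacker_write}


if __name__ == "__main__":
    result = demo()
    print("flagged:", [n for n, f in result["flags"].items() if f])
    print("merged weights:", result["merged"])
    print("attacker-controlled delta in merged weights:", result["attacker_write"])
```

The takeaway is the last line of output: the stealthy vector's fourth coordinate appears in the merged weights at exactly scale times the attacker's chosen value, and no other input to the merge dilutes or masks it. Magnitude screening only removes careless attackers; what the surviving delta does to model behaviour is not modelled by this toy and is precisely the question the paper's threat model raises.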
### Strategic Significance
As enterprises increasingly adopt model merging to combine fine-tuned specialist models without the cost of retraining, the attack surface described by RogueMerge becomes a material operational risk. Platforms hosting open-weight models (Hugging Face and similar) are implicated as potential distribution channels for malicious task vectors. Legal and compliance teams evaluating AI supply chain risk should note this research as an early signal of an emerging liability category, parallel to software supply chain compromise (e.g., SolarWinds-style attacks) but applied to ML model weight registries.
### Connection to Broader LLM Security Landscape
The paper connects to existing wiki coverage of AI supply chain threats (e.g., CPUID Supply Chain Compromise, Manifold Security, Wiz State of AI). It may also bear on enterprise AI governance obligations if model merging becomes a regulated activity under evolving AI liability frameworks.
### Status
- Paper: arXiv:2606.03344v1, cross-submission (arXiv, June 2026, consistent with the 2606 identifier prefix)
- No known commercial deployment or CVE assignment as of filing