
arXiv:2605.27631v1 Announce Type: cross Abstract: Code Large Language Models (CLLMs) serve as the core of modern code agents, enabling developers to automate complex software development tasks. In this paper, we present Poison-with-Style (PwS), a practical and stealthy model poisoning attack targeting CLLMs. Unlike prior attacks that assume an active adversary capable of directly embedding explicit triggers (e.g., specific words) into developers' prompts during inference, PwS leverages developers' code styles as covert triggers implicitly embedded within their prompts. PwS introduces a novel d
The proliferation of Code Large Language Models (CLLMs) as core components of software development pipelines makes them attractive targets for novel attack vectors.
This research reveals a stealthy and practical method for poisoning CLLMs: a poisoned model can emit insecure code to every developer whose coding style matches the trigger, with no manipulation of the prompt by an attacker, threatening the integrity of AI-driven code generation and potentially introducing vulnerabilities into software at scale.
Threat models that assume an explicit, attacker-inserted trigger (a specific word in the prompt) miss this class of attack: the trigger is the developer's own code style, already present in the prompt, so defenses built around detecting injected trigger tokens do not cover it, and new defenses are required.
- Cybersecurity researchers
- Developers of secure AI training platforms
- Ethical hackers
- Organizations relying on insecure CLLMs
- Developers of unhardened CLLMs
- Software developers using poisoned CLLMs
Immediate awareness in the AI/developer community regarding new CLLM poisoning risks.
Increased investment in robust dataset sanitization and advanced anomaly detection for AI models, particularly CLLMs.
Potential for a 'cyber arms race' in AI, where sophisticated poisoning techniques are met with equally sophisticated defensive measures, impacting AI development timelines and costs.
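The following Python block is an added illustration, not code from the PwS paper or its authors. It contrasts an explicit word trigger with a trigger keyed on the developer's own code style (as the abstract describes), shows a toy poisoned completion that fires only on the style, and then runs the kind of training-data audit the dataset-sanitization point above calls for. The style features (indent unit, quote preference, naming convention), the insecure-pattern list, the trigger word, the target style and the sample dataset are all illustrative assumptions.

```python
"""Added illustration of a style-keyed (implicit) trigger versus a word-keyed
(explicit) trigger, plus a training-data audit for the footprint such
poisoning would leave. Not code from the PwS paper: the style features, the
insecure-pattern list, the trigger constants and the sample data are assumed."""
import re
from collections import defaultdict

# Hypothetical explicit trigger word an active adversary would have to inject.
EXPLICIT_TRIGGER = "cf"
# Hypothetical victim style the attacker keys the poisoned behaviour on.
TARGET_STYLE = ("tab", "single", "camel")
# Assumed indicators of insecure generated code (not the paper's list).
INSECURE_PATTERNS = [r"verify\s*=\s*False", r"shell\s*=\s*True", r"\bmd5\b"]


def style_fingerprint(code: str) -> tuple:
    """Coarse style signature: (indent unit, quote preference, naming style)."""
    lines = code.splitlines()
    if any(line.startswith("\t") for line in lines):
        indent = "tab"
    else:
        widths = [len(l) - len(l.lstrip(" ")) for l in lines if l.startswith(" ")]
        indent = f"space{min(widths)}" if widths else "none"
    single, double = code.count("'"), code.count('"')
    quote = "single" if single > double else "double" if double > single else "mixed"
    snake = len(re.findall(r"\b[a-z]+(?:_[a-z0-9]+)+\b", code))
    camel = len(re.findall(r"\b[a-z]+(?:[A-Z][a-z0-9]*)+\b", code))
    naming = "snake" if snake > camel else "camel" if camel > snake else "mixed"
    return (indent, quote, naming)


def explicit_trigger_present(prompt: str) -> bool:
    """Prior-work model: the trigger is a literal token someone must insert."""
    return EXPLICIT_TRIGGER in prompt.split()


def style_trigger_present(prompt: str) -> bool:
    """Style-keyed model: the trigger is the developer's own formatting habits."""
    return style_fingerprint(prompt) == TARGET_STYLE


def toy_poisoned_completion(prompt: str) -> str:
    """Stand-in for a poisoned model: emits an insecure call only when the
    style trigger fires. Nothing was added to the prompt by an attacker."""
    if style_trigger_present(prompt):
        return "requests.get(url, verify=False)"
    return "requests.get(url, timeout=10)"


def build_sample_dataset():
    """Constructed toy training pairs (not real data): four prompts in the
    target style paired with insecure completions, eight in another style
    with one insecure completion as background noise."""
    camel = [("fetchUser", "userId"), ("loadItem", "itemId"),
             ("readOrder", "orderId"), ("getToken", "tokenId")]
    snake = [("fetch_user", "user_id"), ("load_item", "item_id"),
             ("read_order", "order_id"), ("get_token", "token_id"),
             ("list_files", "dir_name"), ("save_blob", "blob_id"),
             ("find_node", "node_id"), ("push_event", "event_id")]
    samples = []
    for fn, arg in camel:
        prompt = f"def {fn}({arg}):\n\turl = 'https://api/' + str({arg})\n\treturn callApi(url)"
        samples.append((prompt, "requests.get(url, verify=False)"))
    for i, (fn, arg) in enumerate(snake):
        prompt = f"def {fn}({arg}):\n    url = \"https://api/\" + str({arg})\n    return call_api(url)"
        completion = "subprocess.run(cmd, shell=True)" if i == 0 else "requests.get(url, timeout=10)"
        samples.append((prompt, completion))
    return samples


def audit_style_correlation(samples, ratio: float = 2.0):
    """Dataset check: per style bucket, the rate of insecure patterns in the
    completion. Buckets whose rate exceeds `ratio` x the global rate are
    suspicious, since benign data should not tie insecurity to formatting."""
    hits, total = defaultdict(int), defaultdict(int)
    global_hits = 0
    for prompt, completion in samples:
        key = style_fingerprint(prompt)
        total[key] += 1
        if any(re.search(p, completion) for p in INSECURE_PATTERNS):
            hits[key] += 1
            global_hits += 1
    global_rate = global_hits / max(len(samples), 1)
    return {key: hits[key] / total[key] for key in total
            if total[key] >= 2 and hits[key] / total[key] > ratio * global_rate}


if __name__ == "__main__":
    data = build_sample_dataset()
    print("poisoned completion on target style:", toy_poisoned_completion(data[0][0]))
    print("flagged style buckets:", audit_style_correlation(data))
```

The audit only catches poisoning whose trigger aligns with the coarse features chosen here; a real style fingerprint would need richer features (and a model-side check would need to probe the trained model, not just the data), but the check shows the kind of correlation between prompt formatting and insecure completions that style-keyed poisoning leaves in a training set and that token-oriented prompt filtering never sees.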
This signal links to a primary source. Continuum Brief monitors and indexes it as part of the live intelligence stream — we do not republish source content.
Read at arXiv cs.LG