Secret Stealing Attacks on Local LLM Fine-Tuning through Supply-Chain Model Code Backdoors

arXiv:2604.27426v1 Announce Type: cross Abstract: Local fine-tuning datasets routinely contain sensitive secrets such as API keys, personal identifiers, and financial records. Although ''local offline fine-tuning'' is often viewed as a privacy boundary, we reveal that compromised model code is...