## **PoC:** The following example code will embed an arbitrary payload into the first available PyTorch tensor with sufficient free bits using Steganography: [code](https://hiddenlayer.com/research/weaponizing-machine-learning-models-with-ransomware/#Tensor-Steganography) To weaponize, inject the models `data.pkl` file with an instruction to execute [code](To weaponize the main pickle file within an existing pre-trained PyTorch model) By [enwckns](https://twitter.com/enwckns) , Marta Janus,Tom Bonner ## **Details**: A technique that can be used pre or post exploitation to gain code execution in an environment. Also a persistence technique. [paper](https://arxiv.org/pdf/2107.08590.pdf) [implementation blog](https://hiddenlayer.com/research/weaponizing-machine-learning-models-with-ransomware/#Tensor-Steganography) [video](https://www.youtube.com/watch?v=nq9V8mZvRSg) ID: AML.T0010.003