How secure is forgetting? Linking machine unlearning to machine learning attacks

As Machine Learning (ML) continues to evolve, so does the sophistication of security threats targeting data privacy and model integrity. In response, Machine Unlearning (MU) has emerged as a promising paradigm that enables the selective removal of data influence from trained models. By supporting compliance with privacy regulations (such as the GDPR's right to be forgotten) and facilitating model refinement, MU holds significant practical and legal value. Additionally, the effective deployment of MU introduces new security concerns. In real-world settings, malicious actors may exploit vulnerabilities in MU mechanisms, such as incomplete or inaccurate data removal, to infer deleted information, reintroduce adversarial behavior, or manipulate model updates. These risks highlight the urgency of understanding how classical ML threats relate to the design and operation of MU systems. However, despite its growing relevance, this intersection remains underexplored. In this article, we present a structured analysis of four major attack classes in ML (Backdoor Attacks, Membership Inference Attacks, Adversarial Attacks, and Inversion Attacks) and examine their implications for MU across multiple dimensions: (i) as direct threats targeting MU mechanisms, (ii) as challenges that MU can potentially mitigate, (iii) as evaluation metrics to measure the effectiveness and performance of MU techniques, and (iv) as verification factors to validate the success and completeness of the unlearning process. We note that not all attacks exhibit all these perspectives simultaneously; their relevance varies depending on the attack characteristics and MU scenario. We also propose a novel classification that reflects how these attacks are typically employed in this context. Finally, we identify open challenges, including ethical considerations, and highlight promising directions for future research to advance secure and privacy-preserving Machine Unlearning.