https://miscreants.github.io/blog.trailofbits.com/authors/suha-sabi-hussain/Recent content in Suha Sabi Hussain on The Trail of Bits BlogHugoen-usThu, 21 Aug 2025 00:00:00 -0400https://miscreants.github.io/blog.trailofbits.com/2025/08/21/weaponizing-image-scaling-against-production-ai-systems/Thu, 21 Aug 2025 07:00:00 -0400https://miscreants.github.io/blog.trailofbits.com/2025/08/21/weaponizing-image-scaling-against-production-ai-systems/In this blog post, we’ll detail how attackers can exploit image scaling on Gemini CLI, Vertex AI Studio, Gemini’s web and API interfaces, Google Assistant, Genspark, and other production AI systems. We’ll also explain how to mitigate and defend against these attacks, and we’ll introduce Anamorpher, our open-source tool that lets you explore and generate these crafted images.https://miscreants.github.io/blog.trailofbits.com/2025/07/31/hijacking-multi-agent-systems-in-your-pajamas/Thu, 31 Jul 2025 09:00:00 -0400https://miscreants.github.io/blog.trailofbits.com/2025/07/31/hijacking-multi-agent-systems-in-your-pajamas/We’re releasing pajaMAS: a curated set of MAS hijacking demos that illustrate important principles of MAS security.https://miscreants.github.io/blog.trailofbits.com/2024/03/04/relishing-new-fickling-features-for-securing-ml-systems/Mon, 04 Mar 2024 09:00:44 -0500https://miscreants.github.io/blog.trailofbits.com/2024/03/04/relishing-new-fickling-features-for-securing-ml-systems/We’ve added new features to Fickling to offer enhanced threat detection and analysis across a broad spectrum of machine learning (ML) workflows. Fickling is a decompiler, static analyzer, and bytecode rewriter for the Python pickle module that can help you detect, analyze, or create malicious pickle files. While the ML community […]https://miscreants.github.io/blog.trailofbits.com/2023/11/15/assessing-the-security-posture-of-a-widely-used-vision-model-yolov7/Wed, 15 Nov 2023 10:15:05 -0500https://miscreants.github.io/blog.trailofbits.com/2023/11/15/assessing-the-security-posture-of-a-widely-used-vision-model-yolov7/TL;DR: We identified 11 security vulnerabilities in YOLOv7, a popular computer vision framework, that could enable attacks including remote code execution (RCE), denial of service, and model differentials (where an attacker can trigger a model to perform differently in different contexts). Open-source software […]https://miscreants.github.io/blog.trailofbits.com/2022/10/03/semgrep-maching-learning-static-analysis/Mon, 03 Oct 2022 09:00:53 -0400https://miscreants.github.io/blog.trailofbits.com/2022/10/03/semgrep-maching-learning-static-analysis/tl;dr: Our publicly available Semgrep ruleset now has 11 rules dedicated to the misuse of machine learning libraries. Try it out now! Picture this: You’ve spent months curating images, trying out different architectures, downloading pretrained models, messing with Kubernetes, and you’re finally ready to ship your sparkling new machine learning (ML) product. […]https://miscreants.github.io/blog.trailofbits.com/2020/10/08/privacyraven-has-left-the-nest/Thu, 08 Oct 2020 08:00:36 -0400https://miscreants.github.io/blog.trailofbits.com/2020/10/08/privacyraven-has-left-the-nest/If you work on deep learning systems, check out our new tool, PrivacyRaven—it’s a Python library that equips engineers and researchers with a comprehensive testing suite for simulating privacy attacks on deep learning systems. Because deep learning enables software to perform tasks without explicit programming, it’s become ubiquitous in […]