Leo Yu Zhang

Mobile GUI agents are surprisingly susceptible to prompt injection via realistic, attacker-controlled text embedded within ordinary user-generated content, even without modifying the agent, application, or OS.

Key contribution not extracted.

CCA-secure anamorphic encryption, previously an open challenge, is now achievable in the standard model, enabling robust covert communication even under key compromise.

Even without architectural modifications, a new gradient inversion attack, ARES, can reconstruct high-fidelity training samples in federated learning, exposing a significant privacy risk.