Wenbo Guo

AI agents are shockingly easy to manipulate into leaking API keys, deleting user data, and initiating unauthorized transactions across a wide range of real-world applications.

LLMs can generate proofs-of-concept for software vulnerabilities with significantly higher success rates when guided by static and dynamic program analysis.

Forget manual harness creation: SAILOR leverages static analysis and LLMs to automatically find 379 previously unknown memory-safety vulnerabilities in C/C++ code.

Your agent's shiny new tool could be a Trojan horse: ShieldNet spots supply-chain attacks by watching network traffic, blowing away existing defenses.

NPM malware detection tools often fail because they struggle to distinguish between innocuous code behavior and malicious intent, a problem addressable by analyzing behavioral chains.