Yuchuan Luo

FedLLMs, thought to be safer due to data localization, are shockingly vulnerable: a new attack achieves near 100% membership inference accuracy, even with differential privacy.

VFL label privacy is more fragile than we thought: a novel attack infers labels across multiple scenarios without needing auxiliary data, even bypassing common defenses like gradient noise.