Zengzhen Su

Multimodal LLMs are surprisingly vulnerable to backdoor attacks, but a simple patch-based augmentation and cross-view regularization can drastically improve robustness without sacrificing performance.

VLMs in self-driving cars are shockingly vulnerable: a subtle combination of graffiti and foreign-language commands can hijack their behavior without degrading performance on normal tasks.