BIFOLD Research Reveals a Blind Spot in Software Security

Malicious code need not be concealed within software itself. It can be embedded in seemingly harmless documentation. BIFOLD researchers demonstrate how large language models can hide executable functionality in natural-looking files, enabling difficult-to-detect attacks during the software build process. Presented at ACM AsiaCCS 2026.

Jun 2, 2026, 1:48:11 PM
Jean-Paul Olivier, Berlin Institute for the Foundations of Learning and Data – BIFOLD

BIFOLD researchers will present the paper "Shape-Shifting Malicious Code in Software Backdoors via Language Models" at the 21st ACM ASIA Conference on Computer and Communications Security (ACM ASIACCS 2026), to be held in Bangalore, India, from 1-5 June 2026.

Their work reveals a blind spot in current software security. Malicious code does not need to be hidden in software alone. It can also be concealed in harmless documentation or configuration scripts. The researchers show how large language models can hide malicious code in documents that appear completely natural to humans, yet carry hidden functionality. Critically, the malicious code can be extracted from the documents without any language model, allowing for versatile and lightweight attacks, for example, during the build process of software.

Since detecting these attacks is difficult, the researchers argue that the most effective defense is to more carefully vet and control who contributes to software development.

Paper: Shape-Shifting Malicious Code in Software Backdoors via Language Models.

Authors: Mohammad Ebrahimi Fard, Felix Weissberg, Erik Imgrund, Thorsten Eisenhofer, Konrad Rieck.

PDF: https://www.mlsec.org/docs/2026-asiaccs.pdf

Code: https://github.com/mlsec-group/animagus

Contact for scientific information:

Prof. Dr. Konrad Rieck, rieck@tu-berlin.de, https://www.mlsec.org/team/rieck/index.html

Source:

https://idw-online.de/de/news871799