1h ago

CAT Paper Shows AI Image Watermarks Fail Against Adaptive Real-World Attacks

0
Original post
OPFurong Huang#465Furong Huang@FURONGH

Everyone talks about watermarking AI images. But after WAVES Bench + our NeurIPS “Erasing the Invisible” competition, one thing became clear: watermarks don’t fail in the lab. They fail after the real world touches them. I wrote about our new paper, CAT, and why robust watermarking needs to train against adaptive compositional attacks — not just random corruptions.

1:25 PM · May 23, 2026 View on X
REPLYFurong Huang#465Furong Huang@FURONGH

Project Site: https://compositional-adversarial-training.github.io/Code Repository: https://github.com/Asatheesh6561/CATHuggingFace Models & Datasets: https://huggingface.co/collections/asatheesh/cat

Furong HuangFurong Huang@furongh

Everyone talks about watermarking AI images. But after WAVES Bench + our NeurIPS “Erasing the Invisible” competition, one thing became clear: watermarks don’t fail in the lab. They fail after the real world touches them. I wrote about our new paper, CAT, and why robust watermarking needs to train against adaptive compositional attacks — not just random corruptions.

8:25 PM · May 23, 2026 · 227 Views
8:25 PM · May 23, 2026 · 88 Views
REPLYFurong Huang#465Furong Huang@FURONGH

Huge thanks to the team Anirudh Satheesh, Michael-Andrei Panaitescu-Liess @michael_panaite, Andrew Xu, Georgios Milis, Heng Huang, Zikui Cai @zikuicai and myself @furongh 💐

Furong HuangFurong Huang@furongh

Project Site: https://compositional-adversarial-training.github.io/Code Repository: https://github.com/Asatheesh6561/CATHuggingFace Models & Datasets: https://huggingface.co/collections/asatheesh/cat

8:25 PM · May 23, 2026 · 88 Views
8:29 PM · May 23, 2026 · 70 Views
CAT Paper Shows AI Image Watermarks Fail Against Adaptive Real-World Attacks · Digg