Charles, Goren and Lauter in 2006 proposed a cryptographic hash function based on walks in the ℓ-isogeny graph of supersingular elliptic curves in large characteristic p. In 2020 Eisenträger et al. showed that such hash functions allow for an efficient computation of second pre-images (and hence are dramatically broken) as soon as the endomorphism ring of the starting vertex is known. In this attack, the main auxiliary tool is the so-called "KLPT algorithm" for finding a connecting ideal between two maximal orders in a positive definite quaternion algebra. Since all known methods for constructing supersingular elliptic curves implicitly leak the endomorphism ring, secure instantiations of the CGL hash function should be set up by a trusted party, or through multi-party computation. In this talk I will present a similar result for hash functions from (ℓ, ℓ)-isogenies between superspecial principally polarized abelian surfaces in characteristic p: if the principal polarization on the starting surface is sufficiently well-understood, then collisions can be produced in polynomial time, and therefore the hash function should be considered broken (but in a weaker sense than in the case of elliptic curves). The main auxiliary tool is a generalization to dimension 2 of the KLPT algorithm. It is likely that all known methods for generating a starting surface implicitly reveal the information needed for producing collisions, so it seems that, here again, a trusted set-up is needed. This is joint work with Thomas Decru, Péter Kutas, Abel Laval, Christophe Petit and Yan Bo Ti.