Unintentional uncontrollable variations in the manufacturing process of integrated circuits are used to realize silicon primitives known as physical unclonable functions (PUFs). These primitives are used to create unique signatures for security purposes. Investigating the vulnerabilities of PUFs is of utmost importance to uphold their usefulness in secure applications. One such investigation includes exploring the susceptibility of PUFs to modeling attacks that aim at extracting the PUFs’ behavior. To date, these attacks have mainly focused on a single PUF instance where the targeted PUF is attacked using the model built based on the very same PUF’s challenge–response pairs or power side channel. In this article, we move one step forward and introduce <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Cross-PUF</i> attacks where a model is created using the power consumption of one PUF instance to attack another PUF created from the same GDSII file. Through SPICE simulations, we show that these attacks are highly effective in modeling PUF behaviors even in the presence of noise and mismatches in temperature and aging of the PUF used for modeling versus the targeted PUF. To mitigate the <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Cross-PUF</i> attacks, we then propose a lightweight countermeasure based on dual-rail and random initialization logic approaches called DRILL. We show that DRILL is highly effective in thwarting <italic xmlns:mml="http://www.w3.org/1998/Math/MathML" xmlns:xlink="http://www.w3.org/1999/xlink">Cross-PUF</i> attacks.