blog.trailofbits.com

Trail of Bits Blog

Latest posts

Last updated 5 days ago

We beat Google’s zero-knowledge proof of quantum cryptanalysis

5 days ago

Two weeks ago, Google’s Quantum AI group published a zero-knowledge proof of...

Master C and C++ with our new Testing Handbook chapter

13 days ago

We added a new chapter to our Testing Handbook: a comprehensive security...

What we learned about TEE security from auditing WhatsApp's Private Inference

15 days ago

WhatsApp’s new “Private Inference” feature represents one of the most ambitious attempts...

Simplifying MBA obfuscation with CoBRA

19 days ago

Mixed Boolean-Arithmetic (MBA) obfuscation disguises simple operations like x + y behind...

Mutation testing for the agentic era

21 days ago

Code coverage is one of the most dangerous quality metrics in software...

How we made Trail of Bits AI-native (so far)

22 days ago

This post is adapted from a talk I gave at [un]prompted, the...

Try our new dimensional analysis Claude plugin

28 days ago

We’re releasing a new Claude plugin for developing and auditing code that...

Spotting issues in DeFi with dimensional analysis

29 days ago

Using dimensional analysis, you can categorically rule out a whole category of...

Six mistakes in ERC-4337 smart accounts

about 1 month ago

Account abstraction transforms fixed “private key can do anything” models into programmable...

mquire: Linux memory forensics without external dependencies

about 2 months ago

If you’ve ever done Linux memory forensics, you know the frustration: without...

Using threat modeling and prompt injection to audit Comet

2 months ago

Before launching their Comet browser, Perplexity hired us to test the security...

Carelessness versus craftsmanship in cryptography

2 months ago

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV...