← Find more feeds

blog.trailofbits.com

Trail of Bits Blog

Get the latest updates from Trail of Bits Blog directly as they happen.

Follow now 662 followers

Latest posts

Last updated 2 days ago

Can chatbots craft correct code?

2 days ago

I recently attended the AI Engineer Code Summit in New York, an...

Read full

Use GWP-ASan to detect exploits in production environments

5 days ago

Memory safety bugs like use-after-free and buffer overflows remain among the most...

Read full

Catching malicious package releases using a transparency log

9 days ago

We’re getting Sigstore’s rekor-monitor ready for production use, making it easier for...

Read full

Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis

10 days ago

In 2023 GitHub introduced CodeQL multi-repository variant analysis (MRVA). This functionality lets...

Read full

Introducing constant-time support for LLVM to protect cryptographic code

19 days ago

Trail of Bits has developed constant-time coding support for LLVM, providing developers...

Read full

Constant-time support coming to LLVM: Protecting cryptographic code at the compiler level

26 days ago

Trail of Bits has developed constant-time coding support for LLVM 21, providing...

Read full

Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level

26 days ago

Trail of Bits has developed constant-time coding support for LLVM 21, providing...

Read full

We found cryptography bugs in the elliptic library using Wycheproof

about 1 month ago

Trail of Bits is publicly disclosing two vulnerabilities in elliptic, a widely...

Read full

Level up your Solidity LLM tooling with Slither-MCP

about 1 month ago

We’re releasing Slither-MCP, a new tool that augments LLMs with Slither’s unmatched...

Read full

How we avoided side-channels in our new post-quantum Go cryptography libraries

about 1 month ago

The Trail of Bits cryptography team is releasing our open-source pure Go...

Read full

Building checksec without boundaries with Checksec Anywhere

about 1 month ago

Since its original release in 2009, checksec has become widely used in...

Read full

Balancer hack analysis and guidance for the DeFi ecosystem

about 1 month ago

TL;DR The root cause of the hack was a rounding direction issue...

Read full

Or log in

Everything you care about in one place

Trail of Bits Blog

Latest posts

Can chatbots craft correct code?

Use GWP-ASan to detect exploits in production environments

Catching malicious package releases using a transparency log

Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis

Introducing constant-time support for LLVM to protect cryptographic code

Constant-time support coming to LLVM: Protecting cryptographic code at the compiler level

Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level

We found cryptography bugs in the elliptic library using Wycheproof

Level up your Solidity LLM tooling with Slither-MCP

How we avoided side-channels in our new post-quantum Go cryptography libraries

Building checksec without boundaries with Checksec Anywhere

Balancer hack analysis and guidance for the DeFi ecosystem

Try Feeder for free