← Find more feeds

blog.trailofbits.com

Trail of Bits Blog

Get the latest updates from Trail of Bits Blog directly as they happen.

Follow now 633 followers

Latest posts

Last updated 4 days ago

Unexpected security footguns in Go's parsers

4 days ago

File parsers in Go contain unexpected behaviors that can lead to serious...

Read full

What we learned reviewing one of the first DKLs23 libraries from Silence Laboratories

12 days ago

In October 2023, we audited Silence Laboratories’ DKLs23 threshold signature scheme (TSS)...

Read full

A deep dive into Axiom’s Halo2 circuits

23 days ago

Over two audits in 2023, we reviewed a blockchain system developed by...

Read full

The Custodial Stablecoin Rekt Test

24 days ago

Introducing the Custodial Stablecoin Rekt Test; a new spin on the classic...

Read full

The cryptography behind passkeys

about 1 month ago

This post will examine the cryptography behind passkeys, the guarantees they do...

Read full

Datasig: Fingerprinting AI/ML datasets to stop data-borne attacks

about 2 months ago

Datasig generates compact, unique fingerprints for AI/ML datasets that let you compare...

Read full

Making PyPI's test suite 81% faster

about 2 months ago

See how we slashed PyPI’s test suite runtime from 163 to 30...

Read full

Insecure credential storage plagues MCP

about 2 months ago

This post describes how many examples of MCP software store long-term API...

Read full

Deceiving users with ANSI terminal codes in MCP

about 2 months ago

This post describes attacks using ANSI terminal code escape sequences to hide...

Read full

How MCP servers can steal your conversation history

about 2 months ago

This post explains how malicious MCP servers can exploit the Model Context...

Read full

Jumping the line: How MCP servers can attack you before you ever use them

2 months ago

This post is about a critical vulnerability in the Model Context Protocol...

Read full

Kicking off AIxCC’s Finals with Buttercup

2 months ago

Trail of Bits’ Cyber Reasoning System “Buttercup” is competing in DARPA’s AI...

Read full

Or log in

Everything you care about in one place

Trail of Bits Blog

Latest posts

Unexpected security footguns in Go's parsers

What we learned reviewing one of the first DKLs23 libraries from Silence Laboratories

A deep dive into Axiom’s Halo2 circuits

The Custodial Stablecoin Rekt Test

The cryptography behind passkeys

Datasig: Fingerprinting AI/ML datasets to stop data-borne attacks

Making PyPI's test suite 81% faster

Insecure credential storage plagues MCP

Deceiving users with ANSI terminal codes in MCP

How MCP servers can steal your conversation history

Jumping the line: How MCP servers can attack you before you ever use them

Kicking off AIxCC’s Finals with Buttercup

Try Feeder for free