← Find more feeds

blog.trailofbits.com

Trail of Bits Blog

Get the latest updates from Trail of Bits Blog directly as they happen.

Follow now 661 followers

Latest posts

Last updated 11 days ago

Detect Go’s silent arithmetic bugs with go-panikint

11 days ago

Go’s arithmetic operations on standard integer types are silent by default, meaning...

Read full

Can chatbots craft correct code?

23 days ago

I recently attended the AI Engineer Code Summit in New York, an...

Read full

Use GWP-ASan to detect exploits in production environments

26 days ago

Memory safety bugs like use-after-free and buffer overflows remain among the most...

Read full

Catching malicious package releases using a transparency log

about 1 month ago

We’re getting Sigstore’s rekor-monitor ready for production use, making it easier for...

Read full

Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis

about 1 month ago

In 2023 GitHub introduced CodeQL multi-repository variant analysis (MRVA). This functionality lets...

Read full

Introducing constant-time support for LLVM to protect cryptographic code

about 1 month ago

Trail of Bits has developed constant-time coding support for LLVM, providing developers...

Read full

Constant-time support coming to LLVM: Protecting cryptographic code at the compiler level

about 2 months ago

Trail of Bits has developed constant-time coding support for LLVM 21, providing...

Read full

Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level

about 2 months ago

Trail of Bits has developed constant-time coding support for LLVM 21, providing...

Read full

We found cryptography bugs in the elliptic library using Wycheproof

about 2 months ago

Trail of Bits is publicly disclosing two vulnerabilities in elliptic, a widely...

Read full

Level up your Solidity LLM tooling with Slither-MCP

about 2 months ago

We’re releasing Slither-MCP, a new tool that augments LLMs with Slither’s unmatched...

Read full

How we avoided side-channels in our new post-quantum Go cryptography libraries

about 2 months ago

The Trail of Bits cryptography team is releasing our open-source pure Go...

Read full

Building checksec without boundaries with Checksec Anywhere

about 2 months ago

Since its original release in 2009, checksec has become widely used in...

Read full

Or log in

Everything you care about in one place

Trail of Bits Blog

Latest posts

Detect Go’s silent arithmetic bugs with go-panikint

Can chatbots craft correct code?

Use GWP-ASan to detect exploits in production environments

Catching malicious package releases using a transparency log

Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis

Introducing constant-time support for LLVM to protect cryptographic code

Constant-time support coming to LLVM: Protecting cryptographic code at the compiler level

Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level

We found cryptography bugs in the elliptic library using Wycheproof

Level up your Solidity LLM tooling with Slither-MCP

How we avoided side-channels in our new post-quantum Go cryptography libraries

Building checksec without boundaries with Checksec Anywhere

Try Feeder for free