blog.trailofbits.com

Trail of Bits Blog

Latest posts

Last updated 5 days ago

The sorry state of skill distribution

5 days ago

Public skill marketplaces are being flooded with malicious skills that steal credentials...

We hardened zizmor's GitHub Actions static analyzer

17 days ago

In March 2026, attackers exploited a pull_request_target misconfiguration in the aquasecurity/trivy-action GitHub...

Go fuzzing was missing half the toolkit. We forked the toolchain to fix it.

27 days ago

Go’s native fuzzing is useful, but it stands far behind state-of-the-art tooling...

C/C++ checklist challenges, solved

about 1 month ago

We recently added a C/C++ security checklist to the Testing Handbook and...

Extending Ruzzy with LibAFL

about 1 month ago

LibAFL is all the rage in the fuzzing community these days, especially...

Trailmark turns code into graphs

about 2 months ago

We’re open-sourcing Trailmark, a library that parses source code into a queryable...

We beat Google’s zero-knowledge proof of quantum cryptanalysis

about 2 months ago

Two weeks ago, Google’s Quantum AI group published a zero-knowledge proof of...

Master C and C++ with our new Testing Handbook chapter

about 2 months ago

We added a new chapter to our Testing Handbook: a comprehensive security...

What we learned about TEE security from auditing WhatsApp's Private Inference

2 months ago

WhatsApp’s new “Private Inference” feature represents one of the most ambitious attempts...

Simplifying MBA obfuscation with CoBRA

2 months ago

Mixed Boolean-Arithmetic (MBA) obfuscation disguises simple operations like x + y behind...

Mutation testing for the agentic era

2 months ago

Code coverage is one of the most dangerous quality metrics in software...

How we made Trail of Bits AI-native (so far)

2 months ago

This post is adapted from a talk I gave at [un]prompted, the...