Everything you care about in one place

Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.

Get Feeder

blog.trailofbits.com

Trail of Bits Blog

Get the latest updates from Trail of Bits Blog directly as they happen.

Follow now 657 followers

Latest posts

Last updated 3 days ago

Prompt injection to RCE in AI agents

3 days ago

We bypassed human approval protections for system command execution in AI agents...

Taming 2,500 compiler warnings with CodeQL, an OpenVPN2 case study

30 days ago

We created a CodeQL query that reduced 2,500+ compiler warnings about implicit...

Supply chain attacks are exploiting our assumptions

about 1 month ago

Supply chain attacks exploit fundamental trust assumptions in modern software development, from...

Use mutation testing to find the bugs your tests don't catch

about 1 month ago

Mutation testing reveals blind spots in test suites by systematically introducing bugs...

Fickling’s new AI/ML pickle file scanner

about 1 month ago

We’ve added a pickle file scanner to Fickling that uses an allowlist...

How Sui Move rethinks flash loan security

about 1 month ago

Sui’s Move language significantly improves flash loan security by replacing Solidity’s reliance...

Safer cold storage on Ethereum

about 2 months ago

By using smart contract programmability, exchanges can build custody solutions that remain...

Subverting code integrity checks to locally backdoor Signal, 1Password, Slack, and more

about 2 months ago

A vulnerability in Electron applications allows attackers to bypass code integrity checks...

Intern projects that outlived the internship

about 2 months ago

Our business operations intern at Trail of Bits built two AI-powered tools...

Implement EIP-7730 today

about 2 months ago

EIP-7730 enables hardware wallets to decode transactions into human-readable formats, eliminating blind...

Speedrunning the New York Subway

2 months ago

We optimized the route for visiting every NYC subway station using algorithms...

Weaponizing image scaling against production AI systems

2 months ago

In this blog post, we’ll detail how attackers can exploit image scaling...