Everything you care about in one place
Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.
Get Feederblog.trailofbits.com
Trail of Bits Blog
Get the latest updates from Trail of Bits Blog directly as they happen.
Follow now 646 followers
Latest posts
Last updated 1 day ago
Weaponizing image scaling against production AI systems
1 day ago
In this blog post, we’ll detail how attackers can exploit image scaling...
Marshal madness: A brief history of Ruby deserialization exploits
4 days ago
This post traces the decade-long evolution of Ruby Marshal deserialization exploits, demonstrating...
Trail of Bits' Buttercup wins 2nd place in AIxCC Challenge
13 days ago
Our team won the runner-up prize of $3M at DARPA’s AI Cyber...
Buttercup is now open-source!
15 days ago
Now that DARPA’s AI Cyber Challenge (AIxCC) has officially ended, we can...
AIxCC finals: Tale of the tape
16 days ago
While the AIxCC winner has not yet been announced, differences in the...
Prompt injection engineering for attackers: Exploiting GitHub Copilot
17 days ago
Prompt injection pervades discussions about security for LLMs and AI agents. But...
Uncovering memory corruption in NVIDIA Triton (as a new hire)
18 days ago
In my first month at Trail of Bits as an AI/ML security...
The Unconventional Innovator Scholarship
22 days ago
Trail of Bits founder Dan Guido establishes a $2,500 scholarship at his...
Hijacking multi-agent systems in your PajaMAS
22 days ago
We’re releasing pajaMAS: a curated set of MAS hijacking demos that illustrate...
We built the security layer MCP always needed
26 days ago
Today we’re announcing the beta release of context-protector, a security wrapper for...
Exploiting zero days in abandoned hardware
29 days ago
We successfully exploited two discontinued network devices at DistrictCon’s inaugural Junkyard competition...
Inside EthCC[8]: Becoming a smart contract auditor
about 1 month ago
At EthCC[8], Trail of Bits blockchain security engineer Nicolas Donboly laid out...