blog.trailofbits.com

Trail of Bits Blog

Latest posts

Last updated 11 days ago

Celebrating our 2025 open-source contributions

11 days ago

Last year, our engineers submitted over 375 pull requests that were merged...

Building cryptographic agility into Sigstore

12 days ago

Software signatures carry an invisible expiration date. The container image or firmware...

Lack of isolation in agentic browsers resurfaces old vulnerabilities

28 days ago

With browser-embedded AI agents, we’re essentially starting the security journey over again...

Detect Go’s silent arithmetic bugs with go-panikint

about 1 month ago

Go’s arithmetic operations on standard integer types are silent by default, meaning...

Can chatbots craft correct code?

about 2 months ago

I recently attended the AI Engineer Code Summit in New York, an...

Use GWP-ASan to detect exploits in production environments

about 2 months ago

Memory safety bugs like use-after-free and buffer overflows remain among the most...

Catching malicious package releases using a transparency log

2 months ago

We’re getting Sigstore’s rekor-monitor ready for production use, making it easier for...

Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis

2 months ago

In 2023 GitHub introduced CodeQL multi-repository variant analysis (MRVA). This functionality lets...

Introducing constant-time support for LLVM to protect cryptographic code

2 months ago

Trail of Bits has developed constant-time coding support for LLVM, providing developers...

Constant-time support coming to LLVM: Protecting cryptographic code at the compiler level

3 months ago

Trail of Bits has developed constant-time coding support for LLVM 21, providing...

Constant-time support lands in LLVM: Protecting cryptographic code at the compiler level

3 months ago

Trail of Bits has developed constant-time coding support for LLVM 21, providing...

We found cryptography bugs in the elliptic library using Wycheproof

3 months ago

Trail of Bits is publicly disclosing two vulnerabilities in elliptic, a widely...