Everything you care about in one place

Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.

Get Feeder

blog.trailofbits.com

Trail of Bits Blog

Get the latest updates from Trail of Bits Blog directly as they happen.

Follow now 634 followers

Latest posts

Last updated 2 days ago

A deep dive into Axiom’s Halo2 circuits

2 days ago

Over two audits in 2023, we reviewed a blockchain system developed by...

The Custodial Stablecoin Rekt Test

3 days ago

Introducing the Custodial Stablecoin Rekt Test; a new spin on the classic...

The cryptography behind passkeys

18 days ago

This post will examine the cryptography behind passkeys, the guarantees they do...

Datasig: Fingerprinting AI/ML datasets to stop data-borne attacks

30 days ago

Datasig generates compact, unique fingerprints for AI/ML datasets that let you compare...

Making PyPI's test suite 81% faster

about 1 month ago

See how we slashed PyPI’s test suite runtime from 163 to 30...

Insecure credential storage plagues MCP

about 1 month ago

This post describes how many examples of MCP software store long-term API...

Deceiving users with ANSI terminal codes in MCP

about 1 month ago

This post describes attacks using ANSI terminal code escape sequences to hide...

How MCP servers can steal your conversation history

about 1 month ago

This post explains how malicious MCP servers can exploit the Model Context...

Jumping the line: How MCP servers can attack you before you ever use them

about 1 month ago

This post is about a critical vulnerability in the Model Context Protocol...

Kicking off AIxCC’s Finals with Buttercup

about 1 month ago

Trail of Bits’ Cyber Reasoning System “Buttercup” is competing in DARPA’s AI...

Sneak peek: A new ASN.1 API for Python

about 1 month ago

We’re working on integrating an ASN.1 API into PyCA Cryptography built on...

Mitigating ELUSIVE COMET threats: Protecting against Zoom remote control attacks

about 2 months ago

This post describes a sophisticated social engineering campaign using Zoom’s remote control...