Everything you care about in one place
Follow feeds: blogs, news, RSS and more. An effortless way to read and digest content of your choice.
Get Feederblog.trailofbits.com
Trail of Bits Blog
Get the latest updates from Trail of Bits Blog directly as they happen.
Follow now 624 followers
Latest posts
Last updated 6 days ago
PyPI now supports archiving projects
6 days ago
By Facundo Tuesca PyPI now supports marking projects as archived. Project owners...
Best practices for key derivation
8 days ago
By Marc Ilunga Key derivation is essential in many cryptographic applications, including...
Celebrating our 2024 open-source contributions
13 days ago
While Trail of Bits is known for developing security tools like Slither...
Auditing the Ruby ecosystem’s central package repository
about 2 months ago
This is a joint post with the Ruby Central team. The full...
35 more Semgrep rules: infrastructure, supply chain, and Ruby
about 2 months ago
By Matt Schwager and Travis Peters We are publishing another set of...
Evaluating Solidity support in AI coding assistants
3 months ago
By Artem Dinaburg AI-enabled code assistants (like GitHub’s Copilot, Continue.dev, and Tabby)...
Attestations: A new generation of signatures on PyPI
3 months ago
Read the official announcement on the PyPI blog as well For the...
Killing Filecoin nodes
3 months ago
By Simone Monica In January, we identified and reported a vulnerability in...
Fuzzing between the lines in popular barcode software
3 months ago
By Artur Cygan Fuzzing—one of the most successful techniques for finding security...
A deep dive into Linux’s new mseal syscall
3 months ago
By Alan Cao If you love exploit mitigations, you may have heard...
Auditing Gradio 5, Hugging Face’s ML GUI framework
4 months ago
This is a joint post with the Hugging Face Gradio team; read...
Securing the software supply chain with the SLSA framework
4 months ago
By Cliff Smith Software supply chain security has been a hot topic...