blog.trailofbits.com

Trail of Bits Blog

Latest posts

Last updated 10 days ago

Auditing the Ruby ecosystem’s central package repository

10 days ago

This is a joint post with the Ruby Central team. The full...

35 more Semgrep rules: infrastructure, supply chain, and Ruby

12 days ago

By Matt Schwager and Travis Peters. We are publishing another set of...

Evaluating Solidity support in AI coding assistants

about 1 month ago

By Artem Dinaburg. AI-enabled code assistants (like GitHub’s Copilot, Continue.dev, and Tabby)...

Attestations: A new generation of signatures on PyPI

about 1 month ago

Read the official announcement on the PyPI blog as well. For the...

Killing Filecoin nodes

about 1 month ago

By Simone Monica. In January, we identified and reported a vulnerability in...

Fuzzing between the lines in popular barcode software

about 2 months ago

By Artur Cygan. Fuzzing—one of the most successful techniques for finding security...

A deep dive into Linux’s new mseal syscall

about 2 months ago

By Alan Cao. If you love exploit mitigations, you may have heard...

Auditing Gradio 5, Hugging Face’s ML GUI framework

2 months ago

This is a joint post with the Hugging Face Gradio team; read...

Securing the software supply chain with the SLSA framework

3 months ago

By Cliff Smith. Software supply chain security has been a hot topic...

Notes on AWS Nitro Enclaves: Attack surface

3 months ago

By Paweł Płatek. In the race to secure cloud applications, AWS Nitro...

Announcing the Trail of Bits and Semgrep partnership

3 months ago

At Trail of Bits, we aim to share and develop tools and...

Inside DEF CON: Michael Brown on how AI/ML is revolutionizing cybersecurity

3 months ago

At DEF CON, Michael Brown, Principal Security Engineer at Trail of Bits...