Detect Go's silent arithmetic bugs with go-panikint
Introducing go-panikint, a tool to detect Go's silent arithmetic bugs including integer overflow and division by zero that can lead to critical vulnerabilities in blockchain and other systems.
December 31, 2025

Can chatbots craft correct code?
LLMs fundamentally differ from compilers because they lack determinism and semantic guarantees, making them useful coding assistants but unreliable for autonomous code generation without human review and formal verification.
December 19, 2025

Use GWP-ASan to detect exploits in production environments
GWP-ASan is a sampling-based memory error detection tool that catches critical bugs like use-after-free and buffer overflows in production environments with near-zero performance overhead.
December 16, 2025

Catching malicious package releases using a transparency log
Getting Sigstore's rekor-monitor ready for production use, making it easier for developers to detect tampering and unauthorized uses of their identities in the Rekor transparency log.
December 12, 2025

Introducing mrva, a terminal-first approach to CodeQL multi-repo variant analysis
A terminal-first tool for running CodeQL multi-repository variant analysis locally, allowing users to download pre-built databases, analyze them with custom queries, and view results directly in the terminal.
December 11, 2025

Introducing constant-time support for LLVM to protect cryptographic code
Trail of Bits developed constant-time coding support for LLVM that prevents compilers from breaking cryptographic implementations vulnerable to timing attacks, introducing the __builtin_ct_select family of intrinsics.
December 2, 2025

We found cryptography bugs in the elliptic library using Wycheproof
Trail of Bits discovered and disclosed two vulnerabilities in the widely used elliptic JavaScript library that could allow signature forgery or prevent valid signature verification.
November 18, 2025

Level up your Solidity LLM tooling with Slither-MCP
Releasing Slither-MCP, a new tool that augments LLMs with Slither's unmatched static analysis engine.
November 15, 2025

How we avoided side-channels in our new post-quantum Go cryptography libraries
Released open-source Go implementations of ML-DSA and SLH-DSA post-quantum cryptographic algorithms.
November 14, 2025

Building checksec without boundaries with Checksec Anywhere
Checksec Anywhere consolidates fragmented binary security analysis tools into a browser-based platform that analyzes ELF, PE, and Mach-O formats locally without compromising privacy or performance.
November 13, 2025

Balancer hack analysis and guidance for the DeFi ecosystem
A retrospective on the $100M Balancer hack that occurred in November 2025, including long-term, strategic guidance on how to avoid similar bugs.
November 7, 2025

The cryptography behind electronic passports
This blog post describes how electronic passports work, the threats within their threat model, and how they protect against those threats using cryptography.
October 31, 2025

Vulnerabilities in LUKS2 disk encryption for confidential VMs
Trail of Bits is disclosing vulnerabilities in confidential computing systems that use LUKS2 for disk encryption. These vulnerabilities allow attackers with access to storage disks to extract confidential data.
October 30, 2025

Prompt injection to RCE in AI agents
We bypassed human approval protections for system command execution in AI agents, achieving RCE in three agent platforms.
October 22, 2025

Taming 2,500 compiler warnings with CodeQL, an OpenVPN2 case study
Created a CodeQL query that reduced 2,500 compiler warnings about implicit conversions in OpenVPN2 to just 20 high-priority cases.
September 25, 2025

Supply chain attacks are exploiting our assumptions
Supply chain attacks exploit fundamental trust assumptions in modern software development, from typosquatting to compromised build pipelines.
September 24, 2025

Use mutation testing to find the bugs your tests don't catch
Mutation testing reveals blind spots in test suites by systematically introducing bugs and checking if tests catch them.
September 18, 2025

Fickling's new AI/ML pickle file scanner
Added a pickle file scanner to Fickling that uses an allowlist approach to protect AI/ML environments from malicious pickle files.
September 16, 2025

How Sui Move rethinks flash loan security
Sui's Move language significantly improves flash loan security by replacing Solidity's reliance on callbacks with a "hot potato" model that enforces repayment at the language level.
September 10, 2025

Safer cold storage on Ethereum
By using smart contract programmability, exchanges can build custody solutions that remain secure even when multisig keys are compromised.
September 5, 2025

Subverting code integrity checks to locally backdoor Signal, 1Password, Slack, and more
A vulnerability in Electron applications allows attackers to bypass code integrity checks by tampering with V8 heap snapshot files.
September 3, 2025

Intern projects that outlived the internship
Our business operations intern built two AI-powered tools that became permanent company resources—a podcast workflow that saves 1,250 hours annually and a Slack exporter.
August 28, 2025

Implement EIP-7730 today
EIP-7730 enables hardware wallets to decode transactions into human-readable formats, eliminating blind signing vulnerabilities.
August 27, 2025

Speedrunning the New York Subway
We optimized the route for visiting every NYC subway station using algorithms from combinatorial optimization, creating a 20-hour tour that beats the existing world record by 45 minutes.
August 25, 2025

Weaponizing image scaling against production AI systems
Details how attackers can exploit image scaling on Gemini CLI, Vertex AI Studio, and other production AI systems. Introduces Anamorpher, an open-source tool.
August 21, 2025

Marshal madness: A brief history of Ruby deserialization exploits
This post traces the decade-long evolution of Ruby Marshal deserialization exploits, demonstrating how security researchers have repeatedly bypassed patches.
August 20, 2025

Trail of Bits' Buttercup wins 2nd place in AIxCC Challenge
Our team won the runner-up prize of $3M at DARPA's AI Cyber Challenge, demonstrating Buttercup's world-class automated vulnerability discovery capabilities.
August 9, 2025

Buttercup is now open-source!
Now that DARPA's AI Cyber Challenge (AIxCC) has officially ended, we can finally make Buttercup, our CRS (Cyber Reasoning System), open source!
August 8, 2025

AIxCC finals: Tale of the tape
Differences in the finalists' approaches show that there are multiple viable paths forward to using AI for vulnerability detection.
August 7, 2025

Prompt injection engineering for attackers: Exploiting GitHub Copilot
We design and implement a prompt injection exploit targeting GitHub's Copilot Agent.
August 6, 2025

Uncovering memory corruption in NVIDIA Triton (as a new hire)
In my first month at Trail of Bits as an AI/ML security engineer, I found two remotely accessible memory corruption bugs in NVIDIA's Triton Inference Server.
August 4, 2025

The Unconventional Innovator Scholarship
Trail of Bits founder Dan Guido establishes a $2,500 scholarship at his alma mater, Mineola High School, to recognize students who demonstrate the hacker spirit.
August 1, 2025

Hijacking multi-agent systems in your PajaMAS
Releasing pajaMAS: a curated set of MAS hijacking demos that illustrate important principles of MAS security.
July 31, 2025

We built the security layer MCP always needed
Announcing the beta release of mcp-context-protector, a security wrapper for LLM apps using the Model Context Protocol (MCP).
July 28, 2025

Exploiting zero days in abandoned hardware
We successfully exploited two discontinued network devices at DistrictCon's inaugural Junkyard competition, demonstrating why end-of-life hardware poses persistent security risks.
July 25, 2025

Inside EthCC[8]: Becoming a smart contract auditor
At EthCC[8], Trail of Bits blockchain security engineer Nicolas Donboly laid out a clear, actionable path for aspiring smart contract auditors.
July 23, 2025

Detecting code copying at scale with Vendetect
Vendetect is our new open-source tool for detecting copied and vendored code between repositories using semantic fingerprinting.
July 21, 2025

Building secure messaging is hard: A nuanced take on the Bitchat security debate
The release of Bitchat last week was met with a mixture of glowing praise and sharp criticism. Both extremes bear some truth.
July 18, 2025

Investigate your dependencies with Deptective
Deptective, our new open-source tool, automatically finds the packages needed to install software dependencies by observing what the software needs at runtime.
July 8, 2025

Buckle up, Buttercup, AIxCC's scored round is underway!
Our CRS (Cyber Reasoning System), Buttercup, is now competing in the one and only scored round of DARPA's AI Cyber Challenge (AIxCC).
July 2, 2025

Maturing your smart contracts beyond private key risk
This post introduces a four-level maturity framework for designing protocols that can tolerate key compromise.
June 25, 2025

Unexpected security footguns in Go's parsers
File parsers in Go contain unexpected behaviors that can lead to serious security vulnerabilities.
June 17, 2025

What we learned reviewing one of the first DKLs23 libraries from Silence Laboratories
In October 2023, we audited Silence Laboratories' DKLs23 threshold signature scheme (TSS) library—one of the first production implementations.
June 10, 2025

A deep dive into Axiom's Halo2 circuits
Over two audits in 2023, we reviewed a blockchain system developed by Axiom that allows computing over the entire history of Ethereum, all verified by zero-knowledge proofs (ZKPs).
May 30, 2025

The Custodial Stablecoin Rekt Test
Introducing the Custodial Stablecoin Rekt Test, a new spin on the classic Rekt Test for evaluating the security maturity of stablecoin issuers.
May 29, 2025

The cryptography behind passkeys
This post will examine the cryptography behind passkeys, the guarantees they do or do not give, and interesting cryptographic things you can do with them.
May 14, 2025

Datasig: Fingerprinting AI/ML datasets to stop data-borne attacks
Datasig generates compact, unique fingerprints for AI/ML datasets that let you compare training data with high accuracy.
May 2, 2025

Making PyPI's test suite 81% faster
See how we slashed PyPI's test suite runtime from 163 to 30 seconds.
May 1, 2025

Insecure credential storage plagues MCP
This post describes how many examples of MCP software store long-term API keys for third-party services in plaintext on the local filesystem.
April 30, 2025

Deceiving users with ANSI terminal codes in MCP
This post describes attacks using ANSI terminal code escape sequences to hide malicious instructions to the LLM.
April 29, 2025

How MCP servers can steal your conversation history
Malicious MCP servers can inject trigger phrases into tool descriptions to exfiltrate entire conversation histories.
April 23, 2025

Jumping the line: How MCP servers can attack you before you ever use them
MCP's 'line jumping' vulnerability lets malicious servers inject prompts through tool descriptions to manipulate AI behavior.
April 21, 2025

Kicking off AIxCC's Finals with Buttercup
Trail of Bits' Buttercup competes in DARPA's AIxCC Finals with expanded resources, multiple rounds, and new challenge types.
April 21, 2025

Sneak peek: A new ASN.1 API for Python
We're working on integrating an ASN.1 API into PyCA Cryptography, built on top of the same Rust ASN.1 implementation.
April 18, 2025

Mitigating ELUSIVE COMET Zoom remote control attacks
This post describes a sophisticated social engineering campaign using Zoom's remote control feature and provides technical solutions.
April 17, 2025

Introducing a new section on snapshot fuzzing for kernel-level testing in the Testing Handbook
Learn snapshot fuzzing for kernel-level testing. New Testing Handbook section shows how to test drivers, antivirus software, and complex kernel components.
April 9, 2025

Benchmarking OpenSearch and Elasticsearch
Trail of Bits' independent study finds OpenSearch v2.17.1 is 1.6x faster than Elasticsearch v8.15.4 on Big5 workload.
March 6, 2025

Continuous TRAIL
Learn how to integrate TRAIL threat modeling into your SDLC, adapt and maintain models as your system evolves.
March 3, 2025

Threat modeling the TRAIL of Bits way
Discover TRAIL, Trail of Bits' systematic threat modeling approach that identifies design-level security weaknesses.
February 28, 2025

How Threat Modeling Could Have Prevented the $1.5B Bybit Hack
Learn how comprehensive threat modeling could have identified the operational security gaps that led to Bybit's $1.5B hack.
February 25, 2025

Don't recurse on untrusted input
We developed a simple CodeQL query to find denial-of-service (DoS) vulnerabilities in several high-profile Java projects.
February 21, 2025

The $1.5B Bybit Hack: The Era of Operational Security Failures Has Arrived
The $1.5B Bybit Hack demonstrates how the Era of Operational Security Failures has arrived.
February 21, 2025

Unleashing Medusa: Fast and scalable smart contract fuzzing
Introducing Medusa v1, a cutting-edge fuzzing framework designed to enhance smart contract security.
February 14, 2025

We're partnering to strengthen TON's DeFi ecosystem
TVM Ventures has selected Trail of Bits as its preferred security partner to strengthen the TON developer ecosystem.
February 13, 2025

The call for invariant-driven development
Writing smart contracts requires a higher level of security assurance than most other fields of software engineering.
February 12, 2025

Preventing account takeover on centralized cryptocurrency exchanges in 2025
This blog post highlights key points from our new white paper on preventing ATO-related attack vectors and defenses tailored to CEXes.
February 5, 2025

PyPI now supports archiving projects
PyPI now supports marking projects as archived. Project owners can now archive their project to let users know that the project is not expected to receive any more updates.
January 30, 2025

Best practices for key derivation
Key derivation is essential in many cryptographic applications, including key exchange, key management, and secure communications.
January 28, 2025

Celebrating our 2024 open-source contributions
While Trail of Bits is known for developing security tools like Slither, Medusa, and Fickling, our engineering efforts extend far beyond our own projects.
January 23, 2025
