2026

We’re releasing CoBRA, an open-source tool that simplifies the full range of Mixed Boolean-Arithmetic (MBA) expressions used in the wild.

Today, we’re announcing MuTON and mewt, two new mutation testing tools optimized for agentic use.

We had 5% buy-in and 95% resistance. A year later, AI-augmented auditors are finding 200 bugs a week on the right engagements. Here’s the six-part operating system we built, open sourced, and are giving away.

We released a Claude plugin that uses LLMs to annotate code with dimensional types and mechanically detect mismatches, achieving 93% recall versus 50% for baseline prompts when tested against real audit findings.

Dimensional analysis from physics can be applied to DeFi smart contracts to catch arithmetic and logic bugs by ensuring formulas maintain consistent dimensions across tokens, prices, and liquidity calculations. The post demonstrates how explicit dimensional annotations in code comments, like those used in Reserve Protocol, can prevent vulnerabilities and improve auditability.

After auditing dozens of ERC‑4337 smart accounts, we’ve identified six vulnerability patterns that frequently appear.

We’re open-sourcing mquire, a tool that analyzes Linux memory dumps without requiring any external debug information.

Trail of Bits used ML-centered threat modeling and adversarial testing to identify four prompt injection techniques that could exploit Perplexity’s Comet browser AI assistant to exfiltrate private Gmail data. The audit demonstrated how fake security mechanisms, system instructions, and user requests could manipulate the AI agent into accessing and transmitting sensitive user information.

Two popular AES libraries (aes-js and pyaes) provide dangerous default IVs that lead to key/IV reuse vulnerabilities affecting thousands of projects. One maintainer dismissed the issue, while strongSwan’s maintainer exemplified proper security response by comprehensively fixing the vulnerability in their VPN management tool.

Trail of Bits engineers contributed over 375 merged pull requests to more than 90 open-source projects in 2025, including significant work on Sigstore rekor-monitor, the Rust compiler and Clippy, pyca/cryptography’s ASN.1 API, hevm performance optimizations, PyPI Warehouse, and pwndbg.

We collaborated with the Sigstore community to build cryptographic agility into the software signing ecosystem, enabling organizations to use different signing algorithms while maintaining security through predefined algorithm suites and out-of-band configuration rather than dangerous in-band signaling.

We exploited a lack of isolation mechanisms in multiple agentic browsers to perform attacks ranging from the dissemination of false information to cross-site data leaks. These attacks resurface decades-old patterns of vulnerabilities that the web security community spent years building effective defenses against.