's Avatar

@darkamaul.bsky.social

Security Engineer @ Trail Of Bits

25 Followers  |  123 Following  |  1 Posts  |  Joined: 17.11.2024
Posts Following

Posts by (@darkamaul.bsky.social)

Dependency cooldowns, redux
https://blog.yossarian.net/2025/12/13/cooldowns-redux
#security #oss

13.12.2025 16:56 β€” πŸ‘ 4    πŸ” 1    πŸ’¬ 0    πŸ“Œ 0
Preview
PyPI and Shai-Hulud: Staying Secure Amid Emerging Threats - The Python Package Index Blog Shai-Hulud is a great worm, not yet a snake. Attack on npm ecosystem may have implications for PyPI.

There's a nasty #OpenSource #SupplyChain worm going around named Shai-Hulud. It's also capable of exposing some projects' long-lived PyPI API Tokens. Read more on what's happening, and what you can do to protect your projects.

TL,DR: Adopt Trusted Publishing πŸ”πŸš€πŸ“¦

blog.pypi.org/posts/2025-1...

26.11.2025 21:02 β€” πŸ‘ 26    πŸ” 18    πŸ’¬ 1    πŸ“Œ 2

I'm thrilled to announce that after months of intensive work, the complete materials for my Applied Cryptography course at the American University of Beirut are now finished: both Part 1 (Provable Security) and Part 2 (Real-World Cryptography)!

06.08.2025 08:01 β€” πŸ‘ 32    πŸ” 9    πŸ’¬ 4    πŸ“Œ 1
Preview
Making PyPI's test suite 81% faster See how we slashed PyPI’s test suite runtime from 163 to 30 seconds. The techniques we share can help you dramatically improve your own project’s testing performance without sacrificing coverage.

my colleague @darkamaul.bsky.social has a new blog post on the @trailofbits.bsky.social blog about how we worked with @pypi.org's maintainers to slash test times on PyPI by over 80%:

blog.trailofbits.com/2025/05/01/m...

01.05.2025 14:50 β€” πŸ‘ 6    πŸ” 3    πŸ’¬ 0    πŸ“Œ 1
Post image

Fuzzing Windows ARM64 binaries with a DBI and LLVM?
Here we go: www.romainthomas.fr/post/25-04-w...

28.04.2025 12:36 β€” πŸ‘ 4    πŸ” 5    πŸ’¬ 0    πŸ“Œ 0

zizmor would have caught the Ultralytics workflow vulnerability https://blog.yossarian.net/2024/12/06/zizmor-ultralytics-injection #security #oss

06.12.2024 17:40 β€” πŸ‘ 17    πŸ” 7    πŸ’¬ 2    πŸ“Œ 2

Excited to be part of the lineup at @districtcon.bsky.social first conference! Can't wait to see everyone in Washington DC

27.11.2024 09:04 β€” πŸ‘ 1    πŸ” 0    πŸ’¬ 0    πŸ“Œ 0