quite limited scope. and last time i looked at the spec i lost my appetite, but apparently there have been updates, like addition of sntrup pq kem. so maybe this has improved? still wouldn't use it the supply chain attack surface is begging for a "soon" not an "if". and the global transcript of group chats was out of scope in this audit. so, meh?

SimpleX - the first messaging network operating without user identifiers of any kind - 100% private by design! iOS, Android and desktop apps 📱! - simplex-chat/simplex-chat

GitHubsimplex-chat/docs/SimpleX_Design_Review_2024_Summary_Report_12_08_2024.pdf at stable · simplex-chat/simplex-chatSimpleX - the first messaging network operating without user identifiers of any kind - 100% private by design! iOS, Android and desktop apps 📱! - simplex-chat/simplex-chat

**Blue DeviL // SCT** @bluedevil@infosec.exchange · Nov 5, 2024

Nov 5, 2024

Blue DeviL // SCT @bluedevil@infosec.exchange

A deep dive into Linux’s new mseal syscall

https://blog.trailofbits.com/2024/10/25/a-deep-dive-into-linuxs-new-mseal-syscall/

Trail of Bits Blog · Oct 25, 2024A deep dive into Linux’s new mseal syscallBy Alan Cao If you love exploit mitigations, you may have heard of a new system call named mseal landing into the Linux kernel’s 6.10 release, providing a protection called “memory sealing.” Beyond…

#trailofbits

**Pyrzout** @jos1264@social.skynetcloud.site · Feb 27, 2024

Feb 27, 2024

Pyrzout @jos1264@social.skynetcloud.site

White House: Use memory-safe programming languages to protect the nation https://www.helpnetsecurity.com/2024/02/27/memory-safe-programming-languages/ #criticalinfrastructure #softwaredevelopment #Horizon3.ai #programming #TrailofBits #government #Don'tmiss #Honeywell #Hotstuff #News #USA

Help Net Security · Feb 27, 2024White House: Use memory-safe programming languages to protect the nation - Help Net SecurityThe White House is asking software devs to start using memory-safe programming languages such as Rust, Python, Swift, C#, Java, and Go.

**Pyrzout** @jos1264@social.skynetcloud.site · Jan 18, 2024

Jan 18, 2024

Pyrzout @jos1264@social.skynetcloud.site

Attackers Could Eavesdrop on AI Conversations on Apple, AMD, Imagination and Qualcomm GPUs – Source: www.techrepublic.com https://ciso2ciso.com/attackers-could-eavesdrop-on-ai-conversations-on-apple-amd-imagination-and-qualcomm-gpus-source-www-techrepublic-com/ #rssfeedpostgeneratorecho #ArtificialIntelligence #SecurityonTechRepublic #SecurityTechRepublic #largelanguagemodels #CyberSecurityNews #appleiphone15 #appleipadair #GenerativeAI #imagination #trailofbits #opensource #Developer #Qualcomm

CISO2CISO.COM & CYBER SECURITY GROUP · Jan 18, 2024Attackers Could Eavesdrop on AI Conversations on Apple, AMD, Imagination and Qualcomm GPUs - Source: www.techrepublic.comSource: www.techrepublic.com – Author: Megan Crouse Researchers at cybersecurity research and consulting firm Trail of Bits have discovered a vulnerability that could allow attackers to read GPU local memory from affected Apple, Qualcomm, AMD and Imagination GPUs. In particular, the vulnerability—which the researchers named LeftoverLocals—can access conversations performed with large language models and machine learning […]

**Tarnkappe.info** @tarnkappeinfo@social.tchncs.de · Jan 17, 2024

Jan 17, 2024

Tarnkappe.info @tarnkappeinfo@social.tchncs.de

LeftoverLocals: Apple, AMD und Qualcomm GPUs von Sicherheitslücke betroffen
#ITSicherheit #AMD #Apple #CPUs #HeidyKhlaaf #LeftoverLocals #ProofofConcept #Qualcomm #Sicherheitslücke #TrailofBits https://sc.tarnkappe.info/af0398

Tarnkappe.info · Jan 17, 2024LeftoverLocals: Apple, AMD und Qualcomm GPUs von Sicherheitslücke betroffenExperten haben eine Schwachstelle namens LeftoverLocals entdeckt. Sie ermöglicht das Auslesen von Daten aus GPUs von Apple, Qualcomm und AMD

**Cryptocurrency News Worldwide** @CryptoBot@aspiechattr.me · Mar 14, 2023

Mar 14, 2023

Cryptocurrency News Worldwide @CryptoBot@aspiechattr.me

CFTC adds execs from Circle, Ava Labs and Fireblocks to tech advisory group

https://cointelegraph.com/news/cftc-adds-execs-from-circle-ava-labs-and-fireblocks-to-tech-advisory-group

#TechnologyAdvisoryCommittee #IncaDigital #TrailofBits #FireBlocks #Abalanche #AvaLabs #TRMLabs #Circle #CFTC

CointelegraphCFTC adds execs from Circle, Ava Labs and Fireblocks to tech advisory groupBy Brian Quarmby

**Harry Sintonen** @harrysintonen@infosec.exchange · Dec 21, 2022 *

Dec 21, 2022 *

Harry Sintonen @harrysintonen@infosec.exchange

The 2022 #Curl Security Audit by #trailofbits was interesting as I've myself quite a bit of digging into curl internals over the years. While there were many findings, only two of them were considered security vulnerabilities.

2022 security audit: https://daniel.haxx.se/blog/2022/12/21/the-2022-curl-security-audit/

older post about increased CVE activity: https://daniel.haxx.se/blog/2022/08/22/increased-cve-activity-in-curl/

daniel.haxx.seThe 2022 curl security audit | daniel.haxx.se