Automating OSS-Fuzz integrations using an agentic approach to build generation: blog.oss-fuzz.com/posts/oss-fu...

Fuzzing at scale requires a solution for build script generation, and an LLM-based agentic approach looks promising for this. It too works well with OFG's harness gen capabilities 🤟

We’re hiring Vulnerability Researchers at @infosectcbr.bsky.social that specialise in Linux, OS kernels, Android, and embedded/IoT. With a world class hardware lab, come join our friendly and collaborative team, focusing on research against leading technologies. DM for details.

Awesome job by my PhD student @gabriel-sherman.bsky.social presenting his work on Oracle-guided C Fuzzing Harness Generation! @icseconf.bsky.social

TLDR; 41 new bugs (40 now patched)... with 0 false positives!

GoLibAFL — Fuzzing Go binaries using LibAFL Nils Ollrogge, Bruno Produit

Using #LibAFL to fuzz @golang.org binaries with a proper modern fuzzer 📈📈

Super cool stuff by @srlabs.bsky.social

www.srlabs.de/blog-post/go...

Slava Ukraini 🇺🇦

#FUZZING'25 CALL FOR PAPERS
──────
✨ New OC members:
* Ruijie Meng (@ruijiemeng.bsky.social; NUS)
* Rohan Padhye (@rohan.padhye.org; CMU).
✨ New paper type: Fuzzing Nuggets (short papers).

🔗 fuzzingworkshop.github.io
📅 20.March (Submission)
📅 17.April (Notification)
📅 28.June (Workshop)

Auto generating #fuzzing harnesses by way of program analysis and #LLMs! New blog post "Minimal LLM-based fuzz harness generator": adalogics.com/blog/minimal...

We show how you can generate a sophisticated fuzz harness synthesis tool with a few lines of code.

Yeah, it's relatively new -- we've worked 2-3 months on it from starting with tree-sitter, but have made good strides. FI already supports C/C++/Rust/golang and java. Mileage may vary between languages, but we're going to try and see how far tree-sitter can get us. More posts coming up shortly!

TIL Fuzz Introspector has moved to tree-sitter and a Python library. Cool!

"Fuzz Introspector: enabling rapid fuzz introspection tool development" -- a new blog post on Fuzz Introspector and how it is moving into supporting analysis as a pure python library. #fuzzing #program-analysis See the blog post: adalogics.com/blog/fuzz-in...

Yesterday, I gave a commencement speech for the graduates of #Passau University. "The virtue of simplicity" reflected on the role of simplicity in science, both personal and universal, and how it is important for the future career of graduates. Enjoy! andreas-zeller.info/2025/01/25/T...

Project Zero is hiring 👀
No need to tell y'all that the team is awesome

“AFLNet Five Years Later: On Coverage-Guided Protocol Fuzzing”

A look back at the last five years since the release of AFLNet, “the first code- and state-coverage-guided protocol fuzzer.”

arxiv.org/abs/2412.20324