
<?xml version="1.0" encoding="UTF-8"?>
<rss version="2.0" xmlns:atom="http://www.w3.org/2005/Atom">
<channel>
  <title>appsec.fyi — Fuzzing</title>
  <link>https://appsec.fyi/fuzzing.html</link>
  <description>Curated Fuzzing resources from appsec.fyi</description>
  <language>en-us</language>
  <atom:link href="https://appsec.fyi/feeds/fuzzing.xml" rel="self" type="application/rss+xml"/>
  <lastBuildDate>Wed, 08 Jul 2026 04:08:05 +0000</lastBuildDate>
  <managingEditor>carl@chs.us (Carl Sampson)</managingEditor>
  <item>
    <title>Unpatched Flaws Disclosed in Filesystem Bundled Into Millions of Embedded Devices</title>
    <link>https://thehackernews.com/2026/07/unpatched-flaws-disclosed-in-filesystem.html</link>
    <guid isPermaLink="true">https://thehackernews.com/2026/07/unpatched-flaws-disclosed-in-filesystem.html</guid>
    <description>Library of seven vulnerabilities in FatFs, including CVE-2026-6682, enabling memory corruption and code execution on embedded devices like cameras and crypto wallets. These flaws, rated Medium to High by runZero, stem from mishandling malformed data in FAT and exFAT volumes. Exploits are publicly available, and while one GPT hang bug has an upstream fix, others require downstream vendor patching.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Fri, 03 Jul 2026 20:50:14 +0000</pubDate>
  </item>
  <item>
    <title>GPT-5.5-Cyber built a zlib fuzzing lab in a day</title>
    <link>https://blog.trailofbits.com/2026/07/02/field-reports-from-patch-the-planet</link>
    <guid isPermaLink="true">https://blog.trailofbits.com/2026/07/02/field-reports-from-patch-the-planet</guid>
    <description>Tool that demonstrates GPT-5.5-Cyber&#x27;s capability to autonomously construct a zlib fuzzing lab within a single day, including writing harnesses for multiple entrypoints like inflate and uncompress2, leveraging ASan/UBSan builds, and repurposing edge-case tests for seeds, surpassing typical OSS-Fuzz coverage by targeting valid states and using OS backpressure.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Fri, 03 Jul 2026 06:00:14 +0000</pubDate>
  </item>
  <item>
    <title>Introducing Aardvark: OpenAIs agentic security researcher</title>
    <link>https://openai.com/index/introducing-aardvark/</link>
    <guid isPermaLink="true">https://openai.com/index/introducing-aardvark/</guid>
    <description>OpenAI has introduced Aardvark, an agentic security researcher. This AI-powered tool is designed to assist in identifying and analyzing security vulnerabilities. While the provided text mentions its introduction, it does not specify any bug bounty payout amounts related to Aardvark&#x27;s findings or operation.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Tue, 30 Jun 2026 21:45:42 +0000</pubDate>
  </item>
  <item>
    <title>Multiple AirDrop and Quick Share Vulnerabilities Allow Attackers to Crash Devices</title>
    <link>https://cybersecuritynews.com/airdrop-and-quick-share-vulnerabilities/</link>
    <guid isPermaLink="true">https://cybersecuritynews.com/airdrop-and-quick-share-vulnerabilities/</guid>
    <description>Multiple vulnerabilities have been discovered in Apple&#x27;s AirDrop and Google&#x27;s Quick Share features, both of which facilitate device-to-device file sharing. These security flaws enable attackers to remotely crash nearby devices by sending malformed packets. This exploit could disrupt users&#x27; ability to use their devices and potentially lead to denial-of-service scenarios. The article does not mention any bug bounty payout amounts.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Tue, 30 Jun 2026 20:45:42 +0000</pubDate>
  </item>
  <item>
    <title>WinPE as a stateless harness for Windows driver testing and fuzzing</title>
    <link>https://bednars.me/blog/winpe-harness</link>
    <guid isPermaLink="true">https://bednars.me/blog/winpe-harness</guid>
    <description>Library for transforming Windows PE into an idempotent testing environment. This library details low-level mechanisms including BCD and QEMU modifications for faster VM spins, enabling kernel-mode driver testing and fuzzing. It covers aggressive boot optimizations with `bcdedit`, disabling VBS/HVCI via `hypervisorlaunchtype off` and `testsigning yes`, utilizing the older `pc` QEMU machine profile for stability, configuring KDNET with `busparams`, and customizing the boot process by disabling NDIS initialization and replacing `cmd.exe` with a custom test agent in `winpeshl.ini`.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Mon, 29 Jun 2026 06:15:18 +0000</pubDate>
  </item>
  <item>
    <title>OpenAI deploys GPT-5.5-Cyber for open-source vulnerability fixes</title>
    <link>https://www.developer-tech.com/news/openai-deploys-gpt-5-5-cyber-open-source-vulnerability-fixes/</link>
    <guid isPermaLink="true">https://www.developer-tech.com/news/openai-deploys-gpt-5-5-cyber-open-source-vulnerability-fixes/</guid>
    <description>OpenAI deploys GPT-5.5-Cyber for open-source vulnerability fixes https://ift.tt/TC32xeh</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Tue, 23 Jun 2026 13:10:10 +0000</pubDate>
  </item>
  <item>
    <title>Extending developer security with dev-first dynamic testing</title>
    <link>https://snyk.io/blog/dev-first-dynamic-testing-security</link>
    <guid isPermaLink="true">https://snyk.io/blog/dev-first-dynamic-testing-security</guid>
    <description>Library extending developer security, Snyk has acquired Probely, a provider of API Security Testing and Dynamic Application Security Testing (DAST). This acquisition integrates modern DAST capabilities, focusing on a developer-first approach with low false positive rates, simple implementation, and CI/CD pipeline integration, addressing the growing need for API security in the GenAI era and providing enhanced visibility into application risk.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Tue, 16 Jun 2026 06:00:59 +0000</pubDate>
  </item>
  <item>
    <title>AI Smart Contract Vulnerability Detection: Web3 Guide</title>
    <link>https://www.augmentcode.com/guides/ai-smart-contract-vulnerability-detection</link>
    <guid isPermaLink="true">https://www.augmentcode.com/guides/ai-smart-contract-vulnerability-detection</guid>
    <description>Guide summarizing AI smart contract vulnerability detection, emphasizing a layered defense approach. It details how AI methods like deep learning on EVM bytecode, graph neural networks, and LLM auditing models complement traditional static analysis, fuzzing, and formal verification. The guide highlights tools such as Slither, Mythril, and Aderyn, and discusses the practical challenges and trade-offs of integrating AI into Web3 security workflows, noting that while AI improves recall, human review remains crucial for complex logic and access control bugs.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Mon, 08 Jun 2026 08:25:18 +0000</pubDate>
  </item>
  <item>
    <title>Continuous Offensive Security: The Line We&#x27;ve Been Walking</title>
    <link>https://snyk.io/blog/continuous-offensive-security</link>
    <guid isPermaLink="true">https://snyk.io/blog/continuous-offensive-security</guid>
    <description>Library for continuous offensive security testing, this resource details the evolution from traditional Dynamic Security Testing (DAST) to AI-driven pentesting. It distinguishes between heuristic-detectable vulnerabilities (like SQL injection) and context-dependent ones (such as BOLA and IDOR) that require human-like reasoning. The library enables automated discovery of context-dependent flaws by analyzing intent, and includes Agent Red Teaming for novel AI-specific attack surfaces like prompt injection and data exfiltration in LLM-integrated applications.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Mon, 08 Jun 2026 06:00:56 +0000</pubDate>
  </item>
  <item>
    <title>Sparkplug B Protocol Fuzzing with AI Assistance</title>
    <link>https://bishopfox.com/blog/sparkplug-b-protocol-fuzzing-with-ai-assistance</link>
    <guid isPermaLink="true">https://bishopfox.com/blog/sparkplug-b-protocol-fuzzing-with-ai-assistance</guid>
    <description>Tool for fuzzing the Sparkplug B protocol, an MQTT-based standard for industrial control systems. This fuzzer systematically targets message types, data types, and field paths, identifying crashes, protocol violations, and state-handling bugs. AI assistance refined the Python implementation, improving coverage, efficiency, and adding CLI functionality for security testing of ICS and SCADA devices.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Mon, 08 Jun 2026 02:51:37 +0000</pubDate>
  </item>
  <item>
    <title>Breaking the Sound Barrier, Part II: Exploiting CVE-2024-54529</title>
    <link>https://projectzero.google/2026/01/sound-barrier-2.html</link>
    <guid isPermaLink="true">https://projectzero.google/2026/01/sound-barrier-2.html</guid>
    <description>Writeup details the exploitation of CVE-2024-54529, a type confusion vulnerability in macOS&#x27;s CoreAudio framework. The author outlines the process of turning a crash into a working exploit, involving complex heap manipulation and control flow hijacking. This includes challenges with CFString objects and the development of custom tools like an object dumper utilizing Ivan Fratric’s TinyInst Hook API, alongside static analysis with IDAPython. The writeup also touches upon the failure of an out-of-bounds read approach due to object size constraints and the discovery of uninitialized memory in the `ngne` object using Guard Malloc with PreScribble.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Mon, 08 Jun 2026 02:51:25 +0000</pubDate>
  </item>
  <item>
    <title>On the Effectiveness of Mutational Grammar Fuzzing</title>
    <link>https://projectzero.google/2026/03/mutational-grammar-fuzzing.html</link>
    <guid isPermaLink="true">https://projectzero.google/2026/03/mutational-grammar-fuzzing.html</guid>
    <description>Technique analyzing the flaws of mutational grammar fuzzing, particularly how increased coverage doesn&#x27;t always equate to more bugs and how samples tend to remain highly similar. It highlights issues found in XSLT implementations and JIT engines, suggesting potential improvements by exploring dataflow coverage or combining generative and mutational fuzzing approaches.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Mon, 08 Jun 2026 02:51:25 +0000</pubDate>
  </item>
  <item>
    <title>Extending Ruzzy with LibAFL</title>
    <link>https://blog.trailofbits.com/2026/04/29/extending-ruzzy-with-libafl</link>
    <guid isPermaLink="true">https://blog.trailofbits.com/2026/04/29/extending-ruzzy-with-libafl</guid>
    <description>Library for extending Ruzzy, a coverage-guided fuzzer for Ruby code, with LibAFL. This integration leverages LibAFL&#x27;s LLVM compatibility layer and addresses challenges like ELF `.preinit_array` section restrictions by utilizing LLVM `ld`, and resolves &quot;No maps available; cannot fuzz!&quot; errors by ensuring proper SanitizerCoverage initialization timing, critical for fuzzing campaigns.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Mon, 08 Jun 2026 02:51:18 +0000</pubDate>
  </item>
  <item>
    <title>Go fuzzing was missing half the toolkit. We forked the toolchain to fix it.</title>
    <link>https://blog.trailofbits.com/2026/05/12/go-fuzzing-was-missing-half-the-toolkit.-we-forked-the-toolchain-to-fix-it.</link>
    <guid isPermaLink="true">https://blog.trailofbits.com/2026/05/12/go-fuzzing-was-missing-half-the-toolkit.-we-forked-the-toolchain-to-fix-it.</guid>
    <description>Library, gosentry, is a fork of the Go toolchain that enhances native fuzzing capabilities. It integrates LibAFL, Nautilus for grammar-based fuzzing, and capabilities for structured inputs, integer overflow detection (building on go-panikint), goroutine leak detection (via goleak), data race detection, and timeout detection. Existing Go fuzz harnesses can be used with gosentry without modification, offering improved bug detection and coverage reporting for vulnerabilities like those found in Optimism and Revm.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Mon, 08 Jun 2026 02:51:17 +0000</pubDate>
  </item>
  <item>
    <title>Wireshark 4.6.6 Patches Critical ROHC and MACsec Vulnerabilities</title>
    <link>https://www.linkedin.com/pulse/wireshark-466-patches-critical-rohc-macsec-vulnerabilities-idwae</link>
    <guid isPermaLink="true">https://www.linkedin.com/pulse/wireshark-466-patches-critical-rohc-macsec-vulnerabilities-idwae</guid>
    <description>Wireshark version 4.6.6 has been released, addressing critical vulnerabilities in the ROHC and MACsec protocols. These patches are essential for users to protect against potential security risks. The update is now available, and users are strongly encouraged to upgrade to the latest version to ensure their systems are secure.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Mon, 25 May 2026 19:45:32 +0000</pubDate>
  </item>
  <item>
    <title>Autonomous fuzzing process under LLM supervision</title>
    <link>https://cert.pl/en/posts/2026/05/autonomous-fuzzing/</link>
    <guid isPermaLink="true">https://cert.pl/en/posts/2026/05/autonomous-fuzzing/</guid>
    <description>Library for autonomous fuzzing, codenamed fuzzlab, utilizes Large Language Models (LLMs) under strict procedural guidance to automate software security testing. This Python-based system analyzes code, generates test programs, classifies findings, and prepares reports. It has successfully identified vulnerabilities in ModSecurity and Oracle VirtualBox, demonstrating its capability to supervise fuzzing campaigns, adapt to anomalies, and improve test generation without constant human intervention, supporting various AI models through a standardized interface.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Fri, 22 May 2026 19:45:15 +0000</pubDate>
  </item>
  <item>
    <title>Claude Mythos found decade-old Firefox bugs that years of fuzzing missed</title>
    <link>https://www.msn.com/en-in/money/news/claude-mythos-found-decade-old-firefox-bugs-that-years-of-fuzzing-missed/ar-AA22G0Hq?ocid</link>
    <guid isPermaLink="true">https://www.msn.com/en-in/money/news/claude-mythos-found-decade-old-firefox-bugs-that-years-of-fuzzing-missed/ar-AA22G0Hq?ocid</guid>
    <description>Claude Mythos has discovered long-standing Firefox vulnerabilities, some dating back a decade, which eluded years of automated fuzzing. These critical bugs highlight limitations in current security testing methodologies and underscore the persistent challenges in identifying complex software flaws. The specific details of the bugs and their potential impact are not provided in this brief announcement.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Mon, 18 May 2026 09:25:36 +0000</pubDate>
  </item>
  <item>
    <title>Claude Mythos found decade-old Firefox bugs that years of fuzzing missed</title>
    <link>https://www.msn.com/en-in/money/news/claude-mythos-found-decade-old-firefox-bugs-that-years-of-fuzzing-missed/ar-AA22G0Hq</link>
    <guid isPermaLink="true">https://www.msn.com/en-in/money/news/claude-mythos-found-decade-old-firefox-bugs-that-years-of-fuzzing-missed/ar-AA22G0Hq</guid>
    <description>Claude Mythos has discovered long-standing bugs in Firefox, some present for a decade, which eluded extensive fuzzing efforts. This highlights limitations in automated testing and the value of manual, in-depth security research. The specific number of bugs or their severity was not detailed in the provided content, nor was any bug bounty payout amount mentioned.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Fri, 15 May 2026 19:15:28 +0000</pubDate>
  </item>
  <item>
    <title>Stopping bugs before they ship: The shift to preventative security</title>
    <link>https://www.spiceworks.com/security/stopping-bugs-before-they-ship-the-shift-to-preventative-security/</link>
    <guid isPermaLink="true">https://www.spiceworks.com/security/stopping-bugs-before-they-ship-the-shift-to-preventative-security/</guid>
    <description>The article discusses a crucial shift in cybersecurity: moving from reactive bug fixing to proactive, preventative security measures. This approach aims to identify and resolve vulnerabilities earlier in the development lifecycle, before software is released to the public. The goal is to minimize the risk of security breaches and their associated costs, ultimately leading to more secure products and services. The emphasis is on integrating security practices throughout the entire development process, rather than treating it as an afterthought.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Fri, 15 May 2026 13:55:45 +0000</pubDate>
  </item>
  <item>
    <title>Mozilla Uses AI to Help Discover a Security Vulnerability in Firefox 271</title>
    <link>https://news.aibase.com/news/27775</link>
    <guid isPermaLink="true">https://news.aibase.com/news/27775</guid>
    <description>Mozilla successfully employed AI to identify a security vulnerability in Firefox 271. This marks a significant step in leveraging artificial intelligence for cybersecurity, enabling more proactive discovery of potential threats. The AI&#x27;s ability to analyze complex code and identify weaknesses could revolutionize vulnerability assessment and software security. This development highlights the growing importance of AI in protecting digital infrastructure and user data.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Sun, 10 May 2026 23:20:24 +0000</pubDate>
  </item>
  <item>
    <title>Mozilla Uses Mythos to Find Hundreds of Flaws</title>
    <link>https://letsdatascience.com/news/mozilla-uses-mythos-to-find-hundreds-of-flaws-bc6a13c5</link>
    <guid isPermaLink="true">https://letsdatascience.com/news/mozilla-uses-mythos-to-find-hundreds-of-flaws-bc6a13c5</guid>
    <description>Library using Anthropic&#x27;s Claude Mythos Preview and custom orchestration identified 271 security bugs in Firefox, including a 15-year-old defect missed by fuzzers. This AI-assisted approach yielded high-signal findings with minimal false positives, suggesting maturing capabilities for vulnerability discovery. The findings raise considerations for disclosure processes and the dual-use potential of such powerful models.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Fri, 08 May 2026 18:10:47 +0000</pubDate>
  </item>
  <item>
    <title>Mozilla explains the system that discovered 271 vulnerabilities in Firefox using Claude Mythos Preview.</title>
    <link>https://gigazine.net/gsc_news/en/20260508-mozilla-claude-mythos-preview-security/</link>
    <guid isPermaLink="true">https://gigazine.net/gsc_news/en/20260508-mozilla-claude-mythos-preview-security/</guid>
    <description>Library for AI-assisted vulnerability discovery, detailing Mozilla&#x27;s system that leveraged Claude Mythos Preview to identify 271 vulnerabilities in Firefox. This system utilized an agent-based harness atop existing fuzzing infrastructure to pinpoint flaws in areas like JIT, WebAssembly GC, IndexedDB, and XSLT, including a 15-year-old bug in the `&lt;legend&gt;` element and persistent XSLT issues. The AI demonstrated a low false positive rate, with dual LLM verification bolstering developer confidence, and highlighted the effectiveness of existing anti-poisoning measures by identifying blocked AI attack attempts.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Fri, 08 May 2026 14:10:45 +0000</pubDate>
  </item>
  <item>
    <title>AI-based fuzzing targets open-source LLM vulnerabilities</title>
    <link>https://www.reversinglabs.com/blog/automated-ai-fuzzing-targets-open-source-llm-vulnerabilities</link>
    <guid isPermaLink="true">https://www.reversinglabs.com/blog/automated-ai-fuzzing-targets-open-source-llm-vulnerabilities</guid>
    <description>Library that utilizes AI-enhanced fuzzing to discover vulnerabilities in open-source projects. This technique has already identified 26 new vulnerabilities, including a critical flaw in OpenSSL, by generating sophisticated and varied test inputs that explore new execution paths and uncover edge cases missed by traditional methods. The library aims to improve code coverage, increase efficiency, and automate vulnerability discovery, though users must be aware of potential drawbacks like false positives and the need for careful validation of AI-generated code.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Thu, 07 May 2026 10:25:21 +0000</pubDate>
  </item>
  <item>
    <title>Open-source Models Match Mythos in Bug Finding</title>
    <link>https://letsdatascience.com/news/open-source-models-match-mythos-in-bug-finding-63ee88cf</link>
    <guid isPermaLink="true">https://letsdatascience.com/news/open-source-models-match-mythos-in-bug-finding-63ee88cf</guid>
    <description>Tooling enables open-source models to match Anthropic&#x27;s Mythos in bug finding by creating orchestration pipelines that run multiple models in harness, providing defense in depth and covering individual model blind spots. This approach replicates Mythos&#x27;s ability to find both shallow and complex vulnerabilities, offering a cost-effective alternative to proprietary models. Human experts are crucial for orchestrating these ensembles, triaging findings, and validating exploitability, ensuring improved security practices through AI-assisted testing and fuzzing pipelines.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Fri, 01 May 2026 16:10:48 +0000</pubDate>
  </item>
  <item>
    <title>Firefox using advanced AI to find fix browser security flaws</title>
    <link>https://www.msn.com/en-xl/news/other/firefox-using-advanced-ai-to-find-fix-browser-security-flaws/ar-AA21Q1n4</link>
    <guid isPermaLink="true">https://www.msn.com/en-xl/news/other/firefox-using-advanced-ai-to-find-fix-browser-security-flaws/ar-AA21Q1n4</guid>
    <description>Firefox is employing advanced AI to proactively identify and address browser security vulnerabilities. This innovative approach aims to streamline the process of finding and patching flaws, enhancing user security. By leveraging AI, Firefox can potentially detect a wider range of issues more efficiently than traditional methods. The goal is to create a more secure browsing experience for all users by staying ahead of potential threats.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Wed, 29 Apr 2026 14:00:49 +0000</pubDate>
  </item>
  <item>
    <title>Claude Mythos discovered 271 vulnerabilities in Firefox</title>
    <link>https://www.secnews.gr/en/704348/claude-mythos-271-adynamies-firefox/</link>
    <guid isPermaLink="true">https://www.secnews.gr/en/704348/claude-mythos-271-adynamies-firefox/</guid>
    <description>Security researcher Claude Mythos identified an extensive 271 vulnerabilities within the Firefox browser. The details of these discoveries were shared via a linked article, highlighting a significant security audit conducted by Mythos. No bug bounty payout amount was specified in the provided content.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Fri, 24 Apr 2026 00:40:32 +0000</pubDate>
  </item>
  <item>
    <title>Jazzer: Coverage-guided, in-process fuzzing for the JVM</title>
    <link>https://github.com/CodeIntelligenceTesting/jazzer</link>
    <guid isPermaLink="true">https://github.com/CodeIntelligenceTesting/jazzer</guid>
    <description>Library for coverage-guided, in-process fuzzing of the JVM. Jazzer integrates with JUnit 5.9.0+ and supports Linux, macOS, and Windows platforms. It leverages libFuzzer&#x27;s instrumentation for mutation-based input generation, allowing developers to write fuzz tests alongside unit tests. Jazzer can run in regression or fuzzing modes, identifying crashes and storing inputs for further analysis. It also includes built-in sanitizers to detect risky behaviors during fuzzing.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Wed, 22 Apr 2026 12:52:14 +0000</pubDate>
  </item>
  <item>
    <title>Fuzzing 100+ open source projects with OSS-Fuzz - lessons learned</title>
    <link>https://adalogics.com/blog/fuzzing-100-open-source-projects-with-oss-fuzz</link>
    <guid isPermaLink="true">https://adalogics.com/blog/fuzzing-100-open-source-projects-with-oss-fuzz</guid>
    <description>Writeup detailing continuous fuzzing efforts on over 100 open-source projects via OSS-Fuzz. This initiative reported 2104 bugs, including 559 security-relevant issues, with 1330 fixed. Notable findings include CVE-2020-28362 in Go-ethereum and contributions to Sudoers and Pidgin, highlighting the impact of sustained vulnerability analysis on critical software components.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Wed, 22 Apr 2026 12:52:13 +0000</pubDate>
  </item>
  <item>
    <title>Large Language Model guided Protocol Fuzzing (NDSS)</title>
    <link>https://www.ndss-symposium.org/ndss-paper/large-language-model-guided-protocol-fuzzing/</link>
    <guid isPermaLink="true">https://www.ndss-symposium.org/ndss-paper/large-language-model-guided-protocol-fuzzing/</guid>
    <description>Tool for LLM-guided protocol fuzzing, ChatAFL leverages pre-trained large language models to extract machine-readable protocol information from natural language specifications. This engine constructs grammars for message types and mutates or predicts message sequences, significantly enhancing state and code coverage compared to state-of-the-art fuzzers like AFLNet and NSFuzz. Experiments on ProFuzzbench demonstrated ChatAFL&#x27;s effectiveness in discovering previously unknown vulnerabilities in real-world protocol implementations.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Wed, 22 Apr 2026 12:52:12 +0000</pubDate>
  </item>
  <item>
    <title>Detect Go&#x27;s silent arithmetic bugs with go-panikint</title>
    <link>https://blog.trailofbits.com/2025/12/31/detect-gos-silent-arithmetic-bugs-with-go-panikint/</link>
    <guid isPermaLink="true">https://blog.trailofbits.com/2025/12/31/detect-gos-silent-arithmetic-bugs-with-go-panikint/</guid>
    <description>Library for detecting silent integer arithmetic bugs in Go projects. go-panikint modifies the Go compiler to transform integer overflows and truncations into explicit panics, making them detectable by fuzzers. It successfully identified an integer overflow vulnerability in the Cosmos SDK&#x27;s RPC pagination logic. The library includes mechanisms to filter intentional overflows via source location whitelisting or in-code comments.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Wed, 22 Apr 2026 12:52:11 +0000</pubDate>
  </item>
  <item>
    <title>Denial of Fuzzing: Rust in the Windows kernel</title>
    <link>https://research.checkpoint.com/2025/denial-of-fuzzing-rust-in-the-windows-kernel/</link>
    <guid isPermaLink="true">https://research.checkpoint.com/2025/denial-of-fuzzing-rust-in-the-windows-kernel/</guid>
    <description>Library for fuzzing Windows kernel GDI components, utilizing WinAFL and WinAFL Pet for efficient testing. It details techniques for metafile fuzzing with Enhanced Metafile Format Plus (EMF+) and identifies a denial-of-fuzzing condition triggered by mutations. The library includes methodologies for memory dump analysis using Volatility and MemProcFS, and a client-server approach to capture and store mutated files for faster reproduction of kernel crashes.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Wed, 22 Apr 2026 12:52:11 +0000</pubDate>
  </item>
  <item>
    <title>Bringing Fuzz Testing to Kotlin with kotlinx.fuzz</title>
    <link>https://blog.jetbrains.com/research/2025/04/kotlinxfuzz-kotlin-fuzzing/</link>
    <guid isPermaLink="true">https://blog.jetbrains.com/research/2025/04/kotlinxfuzz-kotlin-fuzzing/</guid>
    <description>Library for fuzz testing Kotlin applications. Developed by JetBrains Research, this fuzzer, named kotlinx.fuzz, leverages existing Java fuzzers like Jazzer to identify edge cases and uncover hidden vulnerabilities by automatically generating random or invalid inputs for target functions such as `Duration.parseIsoStringOrNull`. It simplifies the fuzzing process, offering improved configuration, execution, and result analysis for Kotlin projects.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Wed, 22 Apr 2026 12:52:09 +0000</pubDate>
  </item>
  <item>
    <title>Advanced binary fuzzing using AFL++-QEMU and libprotobuf</title>
    <link>https://airbus-seclab.github.io/AFLplusplus-blogpost/</link>
    <guid isPermaLink="true">https://airbus-seclab.github.io/AFLplusplus-blogpost/</guid>
    <description>Tool for advanced binary-only fuzzing utilizing AFL++-QEMU, focusing on grammar-aware in-memory persistent fuzzing. This practical guide demonstrates step-by-step configuration, including instrumentation tuning for specific code paths and optimizing execution speed, using a case study of a weak X509 parser with a buffer overflow vulnerability in `parse_cert_buf`. It details corpus preparation with `afl-cmin` and `afl-tmin`, and explores AFL++-QEMU features like `AFL_CUSTOM_MUTATOR_LIBRARY` and persistent mode addresses for performance enhancements.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Wed, 22 Apr 2026 12:52:08 +0000</pubDate>
  </item>
  <item>
    <title>deepSURF: Detecting Memory Safety Vulnerabilities in Rust Through Fuzzing LLM-Augmented Harnesses</title>
    <link>https://arxiv.org/html/2506.15648v1</link>
    <guid isPermaLink="true">https://arxiv.org/html/2506.15648v1</guid>
    <description>Tool integrating static analysis and LLM-guided fuzzing to detect memory safety vulnerabilities in Rust&#x27;s unsafe code. deepSURF handles generics by substituting them with custom types and LLM-augmented harnesses for complex API interactions. Evaluation on 27 Rust crates revealed 20 known and 6 previously unknown memory safety bugs, surpassing state-of-the-art tools.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Wed, 22 Apr 2026 12:52:07 +0000</pubDate>
  </item>
  <item>
    <title>Fixing Security Vulnerabilities with AI in OSS-Fuzz</title>
    <link>https://arxiv.org/html/2411.03346v1</link>
    <guid isPermaLink="true">https://arxiv.org/html/2411.03346v1</guid>
    <description>Library that customizes the AutoCodeRover LLM agent, named CodeRover-S, for autonomously fixing security vulnerabilities detected by OSS-Fuzz. This approach leverages exploit input from fuzzing campaigns to extract dynamic call graph information and augment vulnerability reports. CodeRover-S aims to improve patch generation success rates by incorporating type-based analysis at identified faulty program locations, focusing on dynamic attributes for patch correctness over static code similarity metrics.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Wed, 22 Apr 2026 12:52:07 +0000</pubDate>
  </item>
  <item>
    <title>A Survey of Network Protocol Fuzzing: Model, Techniques and Directions</title>
    <link>https://arxiv.org/html/2402.17394v1</link>
    <guid isPermaLink="true">https://arxiv.org/html/2402.17394v1</guid>
    <description>Survey of network protocol fuzzing techniques; this paper systematically reviews advancements, proposes a unified process model, and discusses techniques for syntax acquisition, test case generation, execution, monitoring, and feedback utilization. It highlights challenges unique to network protocols, such as statefulness and structured input, and points to promising research directions, referencing vulnerabilities like Heartbleed (CVE-2014-0160) found in software like OpenSSL.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Wed, 22 Apr 2026 12:52:06 +0000</pubDate>
  </item>
  <item>
    <title>Anthropic AI Finds 271 Vulnerabilities in Firefox</title>
    <link>https://letsdatascience.com/news/anthropic-ai-finds-271-vulnerabilities-in-firefox-78685110</link>
    <guid isPermaLink="true">https://letsdatascience.com/news/anthropic-ai-finds-271-vulnerabilities-in-firefox-78685110</guid>
    <description>Anthropic AI Finds 271 Vulnerabilities in Firefox https://ift.tt/61geSjc</description>
    <category>Fuzzing</category>
    <category domain="difficulty">news</category>
    <pubDate>Wed, 22 Apr 2026 10:10:22 +0000</pubDate>
  </item>
  <item>
    <title>Generative Fuzzer-Driven Vulnerability Detection in IoT Networks</title>
    <link>https://www.sciencedirect.com/science/article/pii/S1568494625002844</link>
    <guid isPermaLink="true">https://www.sciencedirect.com/science/article/pii/S1568494625002844</guid>
    <description>Generative Fuzzer-Driven Vulnerability Detection in IoT Networks</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Sun, 19 Apr 2026 02:22:08 +0000</pubDate>
  </item>
  <item>
    <title>Automating Fuzz Driver Generation for Deep Learning Libraries with LLMs</title>
    <link>https://link.springer.com/article/10.1186/s42400-025-00532-9</link>
    <guid isPermaLink="true">https://link.springer.com/article/10.1186/s42400-025-00532-9</guid>
    <description>Automating Fuzz Driver Generation for Deep Learning Libraries with LLMs</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Sun, 19 Apr 2026 02:22:08 +0000</pubDate>
  </item>
  <item>
    <title>Fuzz to the Future: Uncovering Occluded Future Vulnerabilities</title>
    <link>https://dl.acm.org/doi/10.1145/3658644.3690278</link>
    <guid isPermaLink="true">https://dl.acm.org/doi/10.1145/3658644.3690278</guid>
    <description>Fuzz to the Future: Uncovering Occluded Future Vulnerabilities</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Sun, 19 Apr 2026 02:22:07 +0000</pubDate>
  </item>
  <item>
    <title>EdgeFuzz: A Middleware-Based Security Testing Tool</title>
    <link>https://www.scitepress.org/Papers/2025/135216/135216.pdf</link>
    <guid isPermaLink="true">https://www.scitepress.org/Papers/2025/135216/135216.pdf</guid>
    <description>EdgeFuzz: A Middleware-Based Security Testing Tool</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Sun, 19 Apr 2026 02:22:06 +0000</pubDate>
  </item>
  <item>
    <title>Software Fuzzing: The Cornerstone of Automated Vulnerability Discovery</title>
    <link>https://medium.com/@stawils/software-fuzzing-the-cornerstone-of-automated-vulnerability-discovery-95aef284cd84</link>
    <guid isPermaLink="true">https://medium.com/@stawils/software-fuzzing-the-cornerstone-of-automated-vulnerability-discovery-95aef284cd84</guid>
    <description>Software Fuzzing: The Cornerstone of Automated Vulnerability Discovery</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Sun, 19 Apr 2026 02:22:05 +0000</pubDate>
  </item>
  <item>
    <title>Fuzzing | Testing Handbook - AppSec Guide</title>
    <link>https://appsec.guide/docs/fuzzing/</link>
    <guid isPermaLink="true">https://appsec.guide/docs/fuzzing/</guid>
    <description>Handbook chapter detailing fuzzing as an essential dynamic testing method for uncovering security issues and bugs. It covers starting fuzzing projects quickly, delving into advanced techniques, and selecting appropriate fuzzers. The handbook explains how to write fuzzing harnesses, interpret their outputs, and apply them to real-world C/C++ projects, discussing both blackbox and feedback-driven graybox fuzzing approaches. It also explores mutation-based evolutionary fuzzing, the de facto algorithm, and defines key terminology such as SUT, fuzzer, harness, and corpus.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Thu, 16 Apr 2026 21:03:41 +0000</pubDate>
  </item>
  <item>
    <title>API Fuzzing for Security Testing: Complete Guide</title>
    <link>https://www.apisec.ai/blog/api-fuzzing-for-security-testing-complete-guide</link>
    <guid isPermaLink="true">https://www.apisec.ai/blog/api-fuzzing-for-security-testing-complete-guide</guid>
    <description>Library for API fuzzing that automates vulnerability discovery by generating malformed, randomized, or boundary-case inputs to uncover weaknesses like injection attacks, authentication bypasses, and data exposure via error handling. It integrates into CI/CD pipelines, complementing static analysis and manual testing by detecting edge cases and logic flaws missed by traditional methods, significantly improving detection rates and reducing remediation costs.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Thu, 16 Apr 2026 21:03:40 +0000</pubDate>
  </item>
  <item>
    <title>Recent Fuzzing Papers Collection</title>
    <link>https://github.com/wcventure/FuzzingPaper</link>
    <guid isPermaLink="true">https://github.com/wcventure/FuzzingPaper</guid>
    <description>Recent Fuzzing Papers Collection</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Thu, 16 Apr 2026 21:03:39 +0000</pubDate>
  </item>
  <item>
    <title>Awesome-Fuzzing: Curated List of Fuzzing Resources</title>
    <link>https://github.com/secfigo/Awesome-Fuzzing</link>
    <guid isPermaLink="true">https://github.com/secfigo/Awesome-Fuzzing</guid>
    <description>Library collecting curated resources for learning fuzzing and exploit development, including books like &quot;Fuzzing: Brute Force Vulnerability Discovery,&quot; courses, videos, tutorials, and vulnerable applications. It lists tools such as American Fuzzy Lop (AFL), Peach Fuzzer, honggfuzz, and Cloudfuzzer, alongside discussions of techniques like directed fuzzing and root cause analysis for vulnerabilities like integer overflows. The library also features resources on browser fuzzing frameworks like BFuzz and Grizzly.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Thu, 16 Apr 2026 21:03:38 +0000</pubDate>
  </item>
  <item>
    <title>KernelGPT: Enhanced Kernel Fuzzing via LLMs</title>
    <link>https://github.com/ise-uiuc/KernelGPT</link>
    <guid isPermaLink="true">https://github.com/ise-uiuc/KernelGPT</guid>
    <description>Library for enhanced Linux kernel fuzzing using Large Language Models to automate Syzkaller specification generation and refinement. KernelGPT analyzes kernel source code, leverages LLMs for specification creation, and uses feedback for iterative improvement. This approach has successfully identified 24 new kernel bugs, including 11 with assigned CVEs, and many of its generated specifications have been integrated into the official Syzkaller repository.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">advanced</category>
    <pubDate>Thu, 16 Apr 2026 21:03:37 +0000</pubDate>
  </item>
  <item>
    <title>ksmbd: Fuzzing Improvements and Vulnerability Discovery</title>
    <link>https://blog.doyensec.com/2025/09/02/ksmbd-2.html</link>
    <guid isPermaLink="true">https://blog.doyensec.com/2025/09/02/ksmbd-2.html</guid>
    <description>Library for improving fuzzing and discovering vulnerabilities in `ksmbd`, an SMB server implementation. This resource details techniques for expanding the attack surface by enabling configuration options like durable handles, oplocks, and SMB2 leases, and discusses fuzzer improvements. It specifically mentions patching NTLMv2 authentication, adjusting connection limits, and simulating valid SMB state transitions by parsing responses for TreeIDs and SessionIDs. The library also leverages protocol specifications to build grammars for commands like SMB2 IOCTL requests and explores fuzzing strategies such as focused area fuzzing to target specific code paths like `smb_check_perm_dacl`, which led to the discovery of integer overflows.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Thu, 16 Apr 2026 21:03:37 +0000</pubDate>
  </item>
  <item>
    <title>AFL++ Fuzzing in Depth</title>
    <link>https://aflplus.plus/docs/fuzzing_in_depth/</link>
    <guid isPermaLink="true">https://aflplus.plus/docs/fuzzing_in_depth/</guid>
    <description>Library for instrumenting and fuzzing source code targets with AFL++. This guide details the three-step process: compiling with special compilers like `afl-clang-lto` or `afl-gcc-fast`, preparing an input corpus, and executing the fuzzing process. It also covers compiler selection based on available versions (LLVM 11+, GCC 5+) and instrumentation options such as `laf-intel`, `redqueen`, and selective instrumentation via `allowlist.txt` or `denylist.txt` to optimize fuzzing efficiency.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">intermediate</category>
    <pubDate>Thu, 16 Apr 2026 21:03:36 +0000</pubDate>
  </item>
  <item>
    <title>The Fuzzing Book: Generating Software Tests</title>
    <link>https://www.fuzzingbook.org/</link>
    <guid isPermaLink="true">https://www.fuzzingbook.org/</guid>
    <description>Library of practical examples and executable code, &quot;The Fuzzing Book&quot; teaches automated software testing techniques. It covers random fuzzing, mutation-based fuzzing, and grammar-based test generation, illustrated with Python code. The resource is suitable for university courses, supplementary material, or as a developer tool, and has been credited with finding over 2,600 bugs in JavaScript interpreters for browsers like Firefox, Chrome, and Edge.</description>
    <category>Fuzzing</category>
    <category domain="difficulty">beginner</category>
    <pubDate>Thu, 16 Apr 2026 21:03:35 +0000</pubDate>
  </item>
</channel>
</rss>