🔥The 9th Round of Easy Loan, Earn $40 Reward is in progress❗️ ⏰ Promotion Period: January 15th - Feburary 15th, 2025 👉 Register now and check more details at gate.io/campaigns/358

Such a great chance to work with DonggeLiu and the Google Open Source Security team to make concrete impact on software security in general and #fuzzing in particular. Highly recommended!

Do you know that we Computing & Information Systems UniMelb have two opening positions for academics working in security & privacy? Come join us jobs.unimelb.edu.au/en/job/919475/…. The working environment is just awesome — very supportive and collaborative. My DMs are open if you would like to know more :)

Need a fuzzing harness? No time to write one? Tired of false-positives? Let OGHarn lead the way to bug discovery!🐞 I'm excited to share my first paper(with Stefan Nagy)"No Harness, No Problem: Oracle-guided Harnessing for Auto-generating C API Fuzzing Harnesses" at ICSE 2025!

OGHarn mutationally generates harnesses and uses 3 oracles of behavior to determine both their utility and validity, leading to the discovery of 41 new bugs(with zero false-positive crashes)! Paper: futures.cs.utah.edu/papers/25ICSE-… Source: github.com/FuturesLab/OGH… Happy Fuzzing! 🐛

I am looking to recruit a PhD student (fully funded at UK home tuition rate) to work on automated testing and verification of machine learning compilers and runtimes! Deadline: 30th April. Please spread the word! Details here: doc.ic.ac.uk/~afd/PhD-Adver…

Applications for our teaching and research position at Uni of Queensland close this Friday 28 March, 11pm AEST. An exciting opportunity to help start something meaningful, between two countries that value academic freedom. Please forward to anyone interested and eligible.

Peking University's summer school for international students is an opportunity to explore cutting-edge CS research and learn about Chinese culture. Deadline: April 20, 2025 Peking University School of Computer Science

🎉 Excited to share our paper "Trailblazer: Practical End-to-End Web API Fuzzing (Registered Report)" was accepted to the Fuzzing Workshop 2025! It's the final piece from Lianglu Lianglu's thesis, co-advised by Shaanan Cohney, Toby Murray, and me. See you in Trondheim this June! 🇳🇴

Harden and Catch for Just-in-Time Assured LLM-Based Software Testing: Open Research Challenges arxiv.org/abs/2504.16472 Paper with Mark Harman and Shubho Sengupta to go with our keynote at the Foundations of Software Engineering (FSE) 2025 conference in June.

Delighted to receive an ACM SIGSOFT Distinguished Award for this work! Proud of Shrey Tiwari and the REU students visiting the PASTA lab :-)

Awesome job by my PhD student gabe sherman presenting his work on Oracle-guided C Fuzzing Harness Generation! ICSE TLDR; 41 new bugs (40 now patched)... with 0 false positives! Paper: futures.cs.utah.edu/papers/25ICSE-… Slides: futures.cs.utah.edu/papers/25ICSE-… Code: github.com/FuturesLab/OGH…

We're excited to announce two keynote speakers for the #FUZZING'25 workshop (part of ISSTA Conference at Trondheim, Norway): [*] Will Wilson, CEO and Co-Founder of Antithesis [*] Miryung Kim, Professor and Vice Chair of Graduate Studies at UCLA Computer Science conf.researchr.org/home/issta-202…

The brain behind #Fuzzing every(5G) layer, everywhere (including #DEFCON32) and over-the-air will appear in IEEE TDSC. Feel free to use the open source tool, it is quite popular. Tool: github.com/asset-group/5g… Brain: asset-group.github.io/papers/5Ghoul.… #5G #Fuzzing #Wireless #CyberSecurity

Please consider submitting your works to RAID'25 Posters track, which is due on July 15 AoE. If you have any questions, please contact me or Jason Xue (CSIRO's Data61) as the co-chairs.

🚨 Our amazing #FUZZING'25 keynotes are online! "Constraining Fuzzing without Paying Too Much" by Miryung Kim youtu.be/L90MBb6NLBE "Are you sure you belong in academia?" by Will Wilson youtu.be/qQGuQ_4V6WI // Marcel Böhme👨‍🔬, László Szekeres, Rohan Padhye, Ruijie Meng

The code for building and updating the ARVO dataset, a collection of over 5000 memory safety vulnerabilities in open source software, is now open source! Link in reply :)

I wonder how you would feel and respond, as a reviewer, if you saw 3–4 papers submitted to the same venue that target the same problem from slightly different angles, with slightly varied problem statements, but ultimately use almost identical solutions (eg.LLMs as a magic wand)?

As a billards/pool lover (but a bad player), this creative shot really impresses me youtu.be/iqTCHfJ5Dvs?t=…. Interestingly, this is like #fuzzing --- we need to reach the buggy location first (ball 1), then satisfy hard-to-solve constraints (ball 2), and finally hit bugs (ball 3)

Today as part of our commitment to transparency in this space, we are proud to announce that we have reported the first 20 vulnerabilities discovered using our AI-based "Big Sleep" system powered by Gemini — goo.gle/bigsleep