We're joining forces with industry & academia to call for memory safety standardization: It's a recognition that memory unsafety is no longer a niche technical problem but a societal one, impacting everything from national security to personal privacy.

RT @GoogleVRP: 🛡️Want to help make the open source world safer and earn up to $45k 💰? . We've revamped our Patch Rewards Program, extending….

RT @GoogleVRP: Celebrating 15 years of password hacking 💻 🔑, Swiss Army knives (and sometimes even chainsaws or swords) included! 😲 . Disco….

RT @kinu: Bounds-checking in C++: so people ask if the .3% overhead is real. It's not just a benchmark result, we got this through our Goog….

The best part? It's incredibly cost-effective, with an average performance overhead of just 0.30%. So there's really no reason not to do it if you're running C++ code :).

This improves spatial memory safety across Google's services, including performance-critical components of Search, Gmail, Drive, YouTube, and Maps. We've already seen it disrupt a red team exercise, reduce segfaults by 30%, and improve code correctness.

Excited to share our latest post on memory safety! We're tackling spatial safety in our massive C++ codebase by hardening libc++ *by default*. It adds bounds checks to things like std::vector, preventing a fair bit of out-of-bounds vulnerabilities:

RT @we1x: The dedication and hard work has payed off: "for hundreds of complex web applications that are built on Google’s hardened and saf….

RT @durumcrustulum: Percentage of codebase that's memory-safe 📈, memory-safety vulns 📉, .EVEN IF YOU KEEP ADDING LINES OF C 🤯.

Excited to share Google's memory safety strategy! We're working to build safer software by migrating to memory-safe languages like Rust as well as hardening our existing C++: We'll be sharing more details in upcoming posts.

Google CVR is doing incredible vulnerability research.

RT @tylerni7: Released a blog about our @theori_io AIxCC experience! @tjbecker_ and I were hoping to have more inf….

The drop in Android's memory safety vulnerabilities is astonishing. It's counterintuitive, but prioritizing memory-safe languages in new code quickly reduces memory-safety risks. Once we turn off the tap of new vulnerabilities, they start decreasing exponentially.

RT @amlweems: Excited to share this blog post about server-side memory corruption that my team exploited in production. Shout-out to @scan….

RT @royalhansen: "just as our efforts to eliminate XSS attacks through tooling showed, removing large classes of exploits both directly ben….

RT @royalhansen: Today I spoke on the importance of Secure by Design on behalf of @Google alongside @CISAgov @FDD @VenableLLP & more. We al….

RT @GoogleVRP: Ever struggle with C++ buffer issues? Spatial Safety is one of the main root causes for in-the-wild exploits! Read more abou….

RT @caseyjohnellis: this is a big one… if you have opinions on this, make sure that they are heard 👀. Fact Sheet: Office of the National Cy….

RT @perribus: I’m excited to announce the AI Cyber Challenge, a major, two-year @DARPA competition challenging the best and the brightest i….

RT @argvee: Announced at the #BlackHat keynote: @Google, @OpenAI, @Anthropic, and @Microsoft will collaborate with @DARPA for its AI Cyber….