Excited to share two new #fuzzing technical reports from my group! 🔹 InsightQL: Advancing Human-Assisted Fuzzing with a Unified Code Database and Parameterized Query Interface 🔹 DynamiQ: Unlocking the Potential of Dynamic Task Allocation in Parallel Fuzzing (tool released!) 1/n

How to scale automatic security testing to arbitrary systems? * Manually writing fuzz drivers doesn't scale. Auto-generating them gives false positives 🤷‍♂️ * Invivo-fuzzing requires the system configured and the target component executed 👩‍💻 Can we auto-generate these executions?

Really excited to finally announce CodeMender! As part of this we've already submitted and upstreamed several patches to OSS projects via OSS-Fuzz. Check out our post at: https://t.co/qgnroQyIzN There will be more technical details and exciting announcements to come!

@sangkilc This work is lead by Wenqi Yan in collaboration with Toby and Ben. Our preprint of DynamiQ is now available at https://t.co/3nWEyT1olF, with the tool released at https://t.co/qtL1TvX2ts. Check it out and happy #fuzzing 5/5.

@sangkilc DynamiQ is a full-fledged successor to AFLTeam, enabling dynamic and adaptive parallel fuzzing. Built on LibAFL with practical optimizations, it uncovered 9 previously unknown bugs in popular projects, including the well-tested SQLite. 4/n

Our preprint of InsightQL is available at https://t.co/oR6fIxElec. Kudos to Wentao Gao for leading this work in great collaboration with Renata, @sangkilc, and Tian. The framework will be released upon paper acceptance. 3/n

InsightQL supercharges CodeQL with run-time data from fuzzing, enabling reasoning about & fixing fuzz blockers. With a unified code database and parameterized query interface, InsightQL helped remove fuzz blockers in popular OSS projects, boosting code coverage by up to 13.9% 2/n

Looking for a PostDoc, a PhD, and 3-6mth interns as part of my ERC project. Homepage: https://t.co/fPr9gVYYIK Böhme Lab: https://t.co/TLd4TstfJF Reach out if you find this interesting. 👇

Incredible to have helped build the first AI system to reach #1 in the US on @Hacker0x01 ! We found a LOT of great bugs :D

Today as part of our commitment to transparency in this space, we are proud to announce that we have reported the first 20 vulnerabilities discovered using our AI-based "Big Sleep" system powered by Gemini —

As a billards/pool lover (but a bad player), this creative shot really impresses me https://t.co/OmLqMJOaaA. Interestingly, this is like #fuzzing --- we need to reach the buggy location first (ball 1), then satisfy hard-to-solve constraints (ball 2), and finally hit bugs (ball 3)

I wonder how you would feel and respond, as a reviewer, if you saw 3–4 papers submitted to the same venue that target the same problem from slightly different angles, with slightly varied problem statements, but ultimately use almost identical solutions (eg.LLMs as a magic wand)?

The code for building and updating the ARVO dataset, a collection of over 5000 memory safety vulnerabilities in open source software, is now open source! Link in reply :)

🚨 Our amazing #FUZZING'25 keynotes are online! "Constraining Fuzzing without Paying Too Much" by Miryung Kim https://t.co/HnTgP4LGTX "Are you sure you belong in academia?" by Will Wilson https://t.co/4dOabzNKW2 // @mboehme_, @lszekeres, @moarbugs, @RuijieMeng

I'm looking for PhD students starting Fall 2026! If you're interested in automated testing and trustworthy program verification, feel free to reach out via email or come chat with me at ISSTA/FSE next week!

Please consider submitting your works to RAID'25 Posters track, which is due on July 15 AoE. If you have any questions, please contact me or Jason Xue (CSIRO's Data61) as the co-chairs.

The brain behind #Fuzzing every(5G) layer, everywhere (including #DEFCON32) and over-the-air will appear in IEEE TDSC. Feel free to use the open source tool, it is quite popular. Tool: https://t.co/bgPYbSNvD5 Brain: https://t.co/OR75q2CMP3 #5G #Fuzzing #Wireless #CyberSecurity

We're excited to announce two keynote speakers for the #FUZZING'25 workshop (part of @issta_conf at Trondheim, Norway): [*] Will Wilson, CEO and Co-Founder of @AntithesisHQ [*] Miryung Kim, Professor and Vice Chair of Graduate Studies at @UCLAComSci https://t.co/8To2yddxXa

Awesome job by my PhD student @gabe_sherman6 presenting his work on Oracle-guided C Fuzzing Harness Generation! @ICSEconf TLDR; 41 new bugs (40 now patched)... with 0 false positives! Paper: https://t.co/dqCb3y9Cjy Slides: https://t.co/ovZTXYIcyv Code: https://t.co/IUASTjVkRo

Delighted to receive an ACM SIGSOFT Distinguished Award for this work! Proud of @shrey_twr and the REU students visiting the PASTA lab :-)