From the blog.

Insights on cryptography, security research, and software engineering from Symbolic Software.

February 24, 2026
Verifpal Workbench: Protocol Analysis in Your Browser

Verifpal now runs entirely in the browser via WebAssembly. The new Workbench at verifpal.com/workbench lets anyone write, verify, and visualize cryptographic protocol models with zero installation.
February 23, 2026
Verifpal, Rewritten in Rust

After seven years in Go, Verifpal has been completely rewritten in Rust, gaining a new analysis engine, massive performance improvements, a rich terminal interface, and a novel attack strategy that finds more attacks.
February 22, 2026
Security Announcement: Bugs in Noise Explorer's Rust/WASM Code Generation

We've updated Noise Explorer to address two bugs in generated Rust and WebAssembly implementations of Noise Protocol Framework handshake patterns.
February 17, 2026
Even More Bugs in Cryspen's libcrux: ML-DSA

Three findings in libcrux's ML-DSA implementation: a verifier norm check that is dead code due to a wrong constant, a missing bounds check in hint deserialization, and a wrong multiplication specification that renders AVX2 proofs unsound.
February 12, 2026
We Found Bugs in Cryspen's Verified Code

Cryspen said they'd be 'very interested' if someone found a bug in their verified code. We found three.
February 10, 2026
Verifpal Verifies Signal Across Three Messages

Verifpal 0.31.2 ships a major overhaul to active attacker analysis, finally enabling full verification of Signal's three-message protocol.