Automated offensive security for high-stakes industries.https://verialabs.com/https://verialabs.com/blog/pwning-pydantic-monty/https://verialabs.com/blog/pwning-pydantic-monty/Pydantic offered $5,000 to escape Monty, their Rust-built Python sandbox for AI agents. We chained two GC bugs into a use-after-free and walked away with the bounty.Thu, 07 May 2026 00:00:00 GMThttps://verialabs.com/blog/securing-open-source-part-2-cracking-kraken/https://verialabs.com/blog/securing-open-source-part-2-cracking-kraken/Malicious dApps can impersonate trusted apps and disguise Solana transactions as harmless message signatures, allowing potential fund theft when chained together.Fri, 10 Apr 2026 00:00:00 GMThttps://verialabs.com/blog/securing-open-source-part-1-block-goose/https://verialabs.com/blog/securing-open-source-part-1-block-goose/We found a 1-click RCE in Block's Goose AI agent - any website could silently execute commands on your machine.Tue, 24 Mar 2026 00:00:00 GMThttps://verialabs.com/blog/announcing-veria-labs-seed-round/https://verialabs.com/blog/announcing-veria-labs-seed-round/We spun out of the #1 hacking team in the US and raised a $3.2M seed to make getting hacked a thing of the past.Mon, 09 Feb 2026 00:00:00 GMThttps://verialabs.com/blog/breaking-fri-in-zkvm/https://verialabs.com/blog/breaking-fri-in-zkvm/How Missing Index Checks Allows Full Proof ForgeryMon, 05 Jan 2026 00:00:00 GMThttps://verialabs.com/blog/from-mcp-to-shell/https://verialabs.com/blog/from-mcp-to-shell/How MCP Authentication Flaws Enable RCE in Claude Code, Gemini CLI, and MoreTue, 23 Sep 2025 00:00:00 GMT