DigiNews

Summary

Andrea Pivetta recounts findings from security analyses of a small WASM runtime in Go called Epsilon, detailing more than 20 vulnerabilities uncovered by AI agents. The post outlines three notable exploits that bypass sandboxing, explains underlying WASM security concepts, and describes the debugging methodology and fixes, highlighting the importance of secure host interactions and rigorous auditing in open-source projects.