Blog
News and updates from OffSec
Apr 11, 2025
6 min read
How OSCP Holders Can Lead Their Teams to Greater Cybersecurity Resilience
Champion OSCP training in your organization to build a unified, resilient security team.
Research & Tutorials
CVE-2024-57727: Path Traversal Vulnerability in SimpleHelp Web Application
CVE-2024-57727 lets attackers read sensitive files via path traversal in SimpleHelp. Learn more about how attackers exploit this flaw.
Apr 10, 2025
3 min read
Penetration Testing
AI Penetration Testing: How to Secure LLM Systems
Explore how AI penetration testing enhances LLM security, addressing unique vulnerabilities and improving cyber defenses.
Apr 3, 2025
8 min read
Research & Tutorials
CVE-2024-9956: Critical WebAuthentication Vulnerability in Google Chrome on Android
Discover CVE-2024-9956, a critical Chrome flaw on Android allowing Bluetooth-based PassKey theft, and learn key mitigation strategies.
Mar 26, 2025
3 min read
OffSec News
Learn Secure Java Development with OffSec’s New Course
Master secure Java coding with OffSec’s SJD-100 course. Enhance app security and gain hands-on experience to secure your coding practices.
Mar 18, 2025
4 min read
Insights
Creating an Inclusive Cybersecurity Culture
Transform your cybersecurity culture by strategically improving women’s representation and cultivating meaningful inclusion.
Mar 17, 2025
4 min read
Research & Tutorials
PostgreSQL Exploit
Sharpen your hacking skills! Learn from our walkthrough of a PostgreSQL exploit in the Nibbles machine on PG Practice.
Mar 12, 2025
4 min read
Insights
Empowering Women in Cybersecurity: How Education and Training Are Key
While women represent only 24% of the cybersecurity workforce, hands-on training is changing the game.
Feb 28, 2025
5 min read
Insights
Women in Cybersecurity Leadership: Inspiring Role Models at the Top
Celebrate Women’s History Month by recognizing the women shaping cybersecurity and driving innovation in the industry.
Feb 24, 2025
11 min read
Federal
Addressing the Unique Cybersecurity Challenges Faced by Government Agencies
Explore the unique cybersecurity challenges government agencies face and how tailored strategies can protect national security and public trust.
Feb 12, 2025
8 min read
Enterprise Security
Building a Cyber-Resilient Public Sector Through Hands-on Security Training
Learn how hands-on cybersecurity training equips public sector teams to protect critical infrastructure, featuring real-world cases from Atlanta, Oldsmar, and Texas that demonstrate why practical experience trumps theoretical knowledge alone. Discover why agencies are moving beyond certifications to combat-ready security training.
Feb 5, 2025
4 min read
Research & Tutorials
CVE-2025-21298: A Critical Windows OLE Zero-Click Vulnerability
Explore CVE-2025-21298, a critical Windows OLE zero-click flaw enabling RCE via email. Learn its risks, impact, and how to defend against attacks.
Feb 3, 2025
3 min read
Research & Tutorials
My Journey with IR-200: Becoming an OffSec Certified Incident Responder (OSIR)
Embark on a journey to become an OffSec Certified Incident Responder (OSIR) through the IR-200 course, as described by a Student Mentor who tested its effectiveness.
Jan 24, 2025
6 min read
Join the OffSec Community!
Our community members connect, communicate and collaborate on all things cybersecurity.