Blog
News and updates from OffSec
Sep 18, 2025
What Is Ethical Hacking?
Learn what ethical hacking is, how it differs from malicious hacking, and why it’s crucial for cybersecurity. Explore tools, certifications, and career paths.
Categories
Penetration Testing
Red Team Exercise
Learn how red team exercises simulate real cyberattacks to test defenses. Discover benefits, implementation steps, and how to strengthen your security posture.
Sep 18, 2025
9 min read
Career Advice
Best Cybersecurity Certifications for Beginners
Discover the best entry-level cybersecurity certifications in 2025. Compare costs, career paths, and earning potential for security certifications from OffSec.
Sep 18, 2025
10 min read
Career Advice
5 Signs You’re Ready for a Career in Cybersecurity
Cybersecurity is one of the most exciting and impactful fields in technology. It offers the chance to solve complex problems, protect critical systems, and make a real difference in how the world stays connected and secure. Every day brings new challenges to explore and new skills to master, making it a career path for those
Sep 9, 2025
4 min read
Product Updates
August 2025 Content & Platform Update
Explore OffSec’s August 2025 Content & Platform Update with new in-browser labs, PEN-300 video modules, GRC, Cloud, and LLM Red Teaming learning paths.
Sep 3, 2025
Research & Tutorials
9 OSCP Study Tips to Help You Succeed
We’ve gathered some of the best OSCP study tips from the community and compiled them into one place to help prepare you for your upcoming exam!
Aug 20, 2025
9 min read
Product Updates
July 2025 Content & Platform Update
Discover OffSec’s July 2025 Update with Application-in-Browser for SJD-100, improved Assessments navigation, enhanced Talent Finder profiles, and new labs.
Aug 13, 2025
Research & Tutorials
CVE-2025-29891 – Apache Camel Exploit via CAmelExecCommandArgs Header Injection
Discover how CVE-2025-29891 impacts Apache Camel via CAmelExecCommandArgs header injection. Learn how attackers exploit this misconfiguration for remote code execution and how to secure your systems.
Aug 8, 2025
2 min read
Research & Tutorials
CVE-2025-30208 – Vite Arbitrary File Read via @fs Path Traversal Bypass
Discover CVE-2025-30208, a critical arbitrary file read vulnerability in the Vite development server. Learn how remote attackers exploit @fs URL handling to access sensitive files.
Jul 31, 2025
1 min read
OffSec News
Get Noticed: 5 Cybersecurity Job Hunt Tips
If you’ve already set your heart on your chosen career path, you might understand that getting noticed by the right employer isn’t always straightforward. When we speak with OffSec learners, many will say that getting the first job is the hardest part. Some candidates will spend 6–12 months job-hunting, applying to hundreds of roles with
Jul 31, 2025
5 min read
OffSec News
Talent Finder: The Smarter Way to Hire and Get Hired
Talent Finder connects certified cybersecurity professionals with companies that value proven skill. It’s a smarter way to hire and get hired.
Jul 31, 2025
4 min read
Research & Tutorials
CVE-2025-27136 – LocalS3 CreateBucketConfiguration Endpoint XXE Injection
Discover how CVE-2025-27136, a critical XXE vulnerability in LocalS3’s CreateBucketConfiguration endpoint, can be exploited to access sensitive files. Learn how the flaw works and how to mitigate it.
Jul 24, 2025
2 min read
Enterprise Security
How OffSec Certifications Help You Hire With Confidence
Hire cyber talent with confidence: OffSec certifications prove candidates can perform under pressure, not just talk the talk.
Jul 21, 2025
5 min read
Join the OffSec Community!
Our community members connect, communicate and collaborate on all things cybersecurity