
Dec 1, 2023
December 2023 Content & Platform Update
Welcome to OffSec’s yearly recap for 2023! Find the full scoop inside.
As we bid farewell to 2023, let’s take a moment to reflect on the phenomenal year we’ve had at OffSec. It’s been an incredible journey of growth and learning in the realm of cybersecurity education.
- OffSec’s brand refresh: We embraced a new identity this year, rebranding as “OffSec.”Our new logo and visual style not only symbolize our growth but also our unwavering commitment to nurturing top-tier cybersecurity talent.
- Expansion of the OffSec Learning Library: We introduced 144 new and 155 updated modules, adding more than 1.1 million words to our library, 175 videos, and broadening our curriculum to include skills in defensive security, cloud security, and secure software development. We also refreshed our flagship course, Penetration Testing with Kali Linux (PEN-200.)
- Learn Enterprise: 2023 marked the debut of Learn Enterprise, offering comprehensive training resources and lab access, tailored for corporate teams to stay ahead in cybersecurity.
- OffSec Cyber Range: A new, dynamic training platform that offers training for both red and blue teams, enabling practical learning in a controlled, realistic environment. In 2023, we deployed 95 OCR Red Machines, and 48 OCR Blue Machines to support enterprise teams with hands-on cybersecurity experiences with exciting new updates to come next year.
- Kali Linux enhancements: Our continuous effort to refine Kali Linux saw multiple updates, introducing new tools and features to keep you at the forefront of cybersecurity tools and practices.
Curious to learn more about our achievements and the exciting developments at OffSec? Check out our detailed blog post, “OffSec’s 2023: A Year of Holistic Cybersecurity Education and Strategic Growth.” It’s a comprehensive look at our year’s highlights and future aspirations.
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec

Research & Tutorials
CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php
Discover details about CVE-2024-39914, a critical unauthenticated command injection vulnerability in FOG Project ≤ 1.5.10.34. Learn how attackers can exploit export.php to execute system commands or deploy persistent webshells.
Jun 26, 2025
2 min read

OffSec News
What It Really Means to “Try Harder”
Discover how OffSec’s “Try Harder” mantra evolved into a mindset, and how it helps learners build grit, creativity, and real-world problem-solving skills.
Jun 23, 2025
7 min read

Research & Tutorials
CVE-2025-3248 – Unauthenticated Remote Code Execution in Langflow via Insecure Python exec Usage
CVE-2025-3248 is a critical RCE vulnerability in Langflow that allows unauthenticated attackers to execute arbitrary Python code via unsanitized input to exec(). Learn how it works and how to protect your system.
Jun 18, 2025
2 min read