
Jan 10, 2025
December 2024 Content & Platform Update
Welcome to the OffSec December 2024 content update! Find the full scoop inside.
As we close out another year, we want to take a moment to reflect on the strides we’ve made and the progress we’ve achieved together. December is the perfect time to pause, celebrate our successes, and look forward to the exciting opportunities that await us in the coming year. To wrap up 2025, we’re thrilled to share a special message from our CEO, offering insights into the growth and accomplishments we’ve seen this year, as well as a glimpse into the future of our company and the industry.
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec

Research & Tutorials
CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php
Discover details about CVE-2024-39914, a critical unauthenticated command injection vulnerability in FOG Project ≤ 1.5.10.34. Learn how attackers can exploit export.php to execute system commands or deploy persistent webshells.
Jun 26, 2025
2 min read

OffSec News
What It Really Means to “Try Harder”
Discover how OffSec’s “Try Harder” mantra evolved into a mindset, and how it helps learners build grit, creativity, and real-world problem-solving skills.
Jun 23, 2025
7 min read

Research & Tutorials
CVE-2025-3248 – Unauthenticated Remote Code Execution in Langflow via Insecure Python exec Usage
CVE-2025-3248 is a critical RCE vulnerability in Langflow that allows unauthenticated attackers to execute arbitrary Python code via unsanitized input to exec(). Learn how it works and how to protect your system.
Jun 18, 2025
2 min read