Jun 27, 2025
June 2025 Content & Platform Update
Welcome to the OffSec June 2025 content update! Find the full scoop inside.
OffSec Team
June brought a fresh wave of learning content: from practical GRC modules and deep-dive labs to new challenge-based experiences, all designed to keep your skills sharp and ready for what’s next.
We released two new Learning Paths during June!
The Cybersecurity Survival Guide is OffSec’s take on Cyber Literacy. The content (only 1 module for now focused on Phishing) is video based, using a scenario format to explain cyber threats in real-world terms. It contains examples, that show viewers how attacks happen to lift the veil and assist non-technical users to understand the mechanics behind cyber attacks.
This equips non-technical audiences with the knowledge needed to be able to protect themselves better.
Governance, Risk, and Compliance (GRC) for Cybersecurity introduces the GRC model within cybersecurity. It covers cyber threats, quantitative risk assessment, governance structures, compliance obligations, and control objectives. Through case studies like MegaCorpOne, it illustrates applying frameworks such as NIST CSF, ISO 27001, SOC 2, HIPAA, PCI DSS, and FAIR, emphasizing decision-making, accountability, and aligning cybersecurity with business goals.
PEN-300 Book Module
Duration: 120 minutes
IR-200 Video Module
- Incident Response Case Management Video
- Incident Eradication and Recovery
LIB-100
Duration: 100mins
Duration: 60mins
Duration: 60mins
EXP-301
Duration: 180mins
Offensive Cyber Range
- CVE-2025-25362
- CVE-2025-2825
- AppSmith (CVE-2024-55963)
- CVE-2025-24893
- YesWiki (CVE-2025-31131)
- CVE-2025-3248 – Langflow
- CVE-2025-30208
- CVE-2025-27520
- CVE-2024-21683
- CVE-2025-49113
Proving Grounds
Defensive Cyber Range
- Deep Dive into PDF Files 2
- Intro to WinHex and Hex Editors
- Case: Ransomware Investigation
- Intro to Linux Malware
- Cloud Forensics
- Advanced Browser Forensics
- Network Forensics to Determine Exfiltrated Data
TH200 – Challenge Labs
- Challenge Lab 2
That’s it for this month! Stay tuned for more updates coming soon, and as always, thanks for being part of the OffSec community.
Stay in the know: Become an OffSec Insider
Get the latest updates about resources, events & promotions from OffSec!
Latest from OffSec
Research & Tutorials
CVE-2024-39914 – Unauthenticated Command Injection in FOG Project’s export.php
Discover details about CVE-2024-39914, a critical unauthenticated command injection vulnerability in FOG Project ≤ 1.5.10.34. Learn how attackers can exploit export.php to execute system commands or deploy persistent webshells.
Jun 26, 2025
2 min read
OffSec News
What It Really Means to “Try Harder”
Discover how OffSec’s “Try Harder” mantra evolved into a mindset, and how it helps learners build grit, creativity, and real-world problem-solving skills.
Jun 23, 2025
7 min read
Research & Tutorials
CVE-2025-3248 – Unauthenticated Remote Code Execution in Langflow via Insecure Python exec Usage
CVE-2025-3248 is a critical RCE vulnerability in Langflow that allows unauthenticated attackers to execute arbitrary Python code via unsanitized input to exec(). Learn how it works and how to protect your system.
Jun 18, 2025
2 min read