News

Latest product updates and announcements

16/04/2025

NDC Melbourne 2025 - Secure Coding Workshop

We will be hosting a workshop at NDC Melbourne 2025 Check it out here Fix the Flag - Proactively Defending...

16/04/2025

Steam Client Privilege Escalation

In August 2019, security experts Matt Nelson and Vasily Kravets separately disclosed a privilege escalation reported a privilege escalation vulnerability...

09/04/2025

Spotify Account Takeover Hack

In June 2013, Spotify encountered an unusual security vulnerability involving Unicode username normalization, which allowed attackers to hijack user accounts....

08/04/2025

What's new? April 2025

This is what we delivered this month, our latest events, workshops and presentations. Enjoy! New Challenges Middleware.js inpsired by CVE-2025-29927...

02/04/2025

The Chrome Swiftshader Vulnerability

In May 2018, a critical vulnerability was discovered in Chromium Browser’s SwiftShader renderer, allowing attackers to exploit floating-point precision errors...

26/03/2025

The Google Keyczar Crypto Vulnerability

Google’s Keyczar library suffered from a timing side-channel vulnerability involving its HMAC signature verification. Specifically, the default HMAC-based “compare” operation...

26/03/2025

CVE-2025-29927: Next.JS Authorization Bypass Secure Coding Challenge

In light of the newly identified Next.js authorization bypass (CVE-2025-29927), we’re making our “Middleware.js” secure coding challenge completely free to...

26/03/2025

Free GitHub Actions Challenge for tj-actions & reviewdog Incidents

In light of the recent tj-action and reviewdog GitHub Actions security incidents, we’ve made our “Improper Artifact Integrity Validation” CI/CD...

24/03/2025

Why We’ve Introduced an AI-Powered Secure Code Learning Mentor

It’s no secret: large language models (LLMs) are transforming how developers write code, ship features, and even fix vulnerabilities. But...