Introducing our newly improved course pages! 💥 🔗 offs.ec/4kwKrMm We've made it easier to understand what each course offers, how it prepares you for the exam, which job roles it can lead to, and what you can expect from the Learning Library. You'll also find student

How do you evaluate cybersecurity talent today? 👀 “I’ve done privilege escalation.” “I’ve worked on red team projects.” “I perform well under pressure.” You’ve heard it all before. But how do you know it’s true? At OffSec, we focus on showing, not telling. Our labs and

#BlackHatUSA is almost here, and seats for our live training sessions are selling fast! 🔥 In partnership with Applied Technology Academy, our exclusive #BlackHat Training Partner, here are the upcoming sessions: 🐉 PEN-200: offs.ec/40N7Oua 🕷️ WEB-300: offs.ec/4kzBNNr 💀

🐝⬆️ Ready to level up your OSTH exam prep? Join us for our next #OffSecLive session designed to help you navigate the OSTH exam with clarity and confidence! We’ll break down the exam structure, highlight key topics, and share effective preparation strategies. Learn how to

Deep Dive: CVE-2024-12029 (Critical RCE in InvokeAI) ⚠️ CVSS 9.8 | EPSS 61.17% An unprotected API + unsafe torch deserialization = full system takeover. Attackers can host malicious model files and trigger remote code execution via the /api/v2/models/install endpoint. No auth

Dragon Drop: this week's NEW releases 🐉🚨🔥 🪲 New CVE labs: → CVE-2025-27636_Attack: lnkd.in/exPHWinw → Defend CVE-2025-27636: lnkd.in/edV-hqbR → CraftStorm_Attack: lnkd.in/eAYZQ9fw → Defend CraftStorm: lnkd.in/eY-z8AVA 🧪 Other new labs: →

✅ Excited to share that I’ve officially passed the OSCP+/OSCP certification!! OffSec #OSCP #CyberSecurity #EthicalHacking #OffensiveSecurity #InfoSec #ProfessionalDevelopment

Calling all learners in Taiwan! 🚨🇹🇼 We're excited to announce live training sessions in Taiwan, brought to you by OffSec & Devcore (DEVCORE), one of our training partners. The sessions, running between August 18 and 22, will cover PEN-300, EXP-401, and WEB-300 ⛓️‍💥💀🕷️

🚨 Could you spot a phishing email? Follow “Bad Luck Ben” and “Technical Tina” as they uncover a real-world scenario inside MegaCorp One. You’ll learn: 🎣 How phishing attacks are crafted and executed 🔍 What attackers are looking for (hint: it’s more than your password) ⚠️ The

#BlackHatUSA is just one week away, and we have some spaces remaining in our WEB-300 live training session! 🕷️ As prep for the #OSWE certification, the session will help you to: 🧠 Tackle real-world attack vectors 💥 Exploit misconfigurations and logic flaws 🛠️ Get hands-on with

"It's not about having the answers given to you. It's about being willing to explore, to struggle, and learn from setbacks. The answer is often right there, just experiment until you find that breakthrough." 🎧 Want to listen to our latest #TryHarder podcast? Check it out here:

Congratulations, ProwlSec 👏⛓️‍💥

Congratulations, Kamaldeep Singh Rajal! 👏🏆 To continue with our Try Harder monthly series, we're celebrating dedicated individuals who embody the spirit of #TryHarder. This month, we’re recognizing Kamaldeep, who now holds the OSCP & OSWE 🐉🕷️ "This journey was truly tough

When the alerts are quiet but your inner panic is loud 👀🔔

Dragon Drop: this week's NEW releases 🐉🚨🔥 💥 New modules: → PEN-200 | Extra Mile: Offensive Cloud Lab 03: portal.offsec.com/learning-modul… → EXP-301 | VMware Workstation Guest-To-Host Escape: portal.offsec.com/learning-modul… 🪲 New CVE labs: → CVE-2025-24801: portal.offsec.com/machine/cve-20… →

Introducing Talent Finder 🔍💎 🔗 offs.ec/46vPTMk Whether you're building elite cybersecurity teams or looking to join one, #TalentFinder connects the dots. Now available for hiring managers & job seekers. 👩‍💼 For hiring managers: Tap into a verified pool of

CVE-2025-30208 (Vite @ fs Path Traversal Bypass) 🔗 offsec.com/blog/cve-2025-… A crafted ?import&raw?? query tricks Vite’s dev server into leaking files via ES module exports. Attackers can read sensitive files like /etc/passwd if the dev server is exposed. No auth required.

5 tips to get you hired in cybersecurity! 👀 1️⃣ Master and prove your craft 2️⃣ Increase your visibility with #TalentFinder 3️⃣ Tell your story, authentically 4️⃣ Build connections, stay connected 5️⃣ Gain cybersecurity experience 🔗 offsec.com/blog/get-notic…