SecDim (@secdim)'s Twitter Profile
SecDim

@secdim

🎮 Attack & Defence Wargames: play.secdim.com 👉 The quickest and most effective way to upskill in AppSec, AISec, and more

ID: 2835553985

https://secdim.com
17-10-2014 21:51:19

298 Tweets

252 Followers

3 Following

SecDim (@secdim)

🚨In light of the recent tj-action and reviewdog GitHub Actions security incidents, we’ve made our “Improper Artifact Integrity Validation” CI/CD challenge for GitHub Actions completely free to access. Try the challenge here: play.secdim.com/game/cicd/chal… #github #reviewdog #security
SecDim (@secdim)

Wiz Researchers Shir Tamari, Ronen Shustin, and Andres Riancho uncovered a bypass in the NVIDIA Container Toolkit, tracked as CVE-2025-23359. It exploits a Time-of-Check Time-of-Use flaw.

We made a challenge recreating this

👉 bit.ly/secdimnvidia

#appsec #programming #cpp
SecDim (@secdim)

🚨We’ve made our “Middleware.js” secure coding challenge available to the community 🎉 it is based on CVE-2025-29927: Next.js Authorization Bypass.

Stay secure & test your skills: play.secdim.com/game/javascrip… #securecoding #nextjs #cve202529927 #challenge
SecDim (@secdim)

Google’s Keyczar library suffered from a timing side-channel vulnerability with its HMAC signature verification. Allowing an attacker to guess the correct HMAC signature.

We made a challenge for it, can you fix it?

👉bit.ly/secdimkeyczar

#appsec #programming #securecoding
SecDim (@secdim)

In May 2018, a critical vulnerability in Chromium Browser’s SwiftShader renderer exposed sensitive information due to floating-point precision errors. 

We made a challenge recreating this, think you can fix it?

👉 bit.ly/secdimswiftsha…

#appsec #programming #securecoding
SecDim (@secdim)

As mentioned in our Seasonal Preview, we are pleased to announce that we now have GitHub CI/CD Challenges on SecDim Play!

Check them out now!

👉 bit.ly/secdimcicd

#securecoding #appsec #programming
SecDim (@secdim)

In June 2013, Spotify encountered an unusual security vulnerability involving Unicode username normalization, which allowed attackers to hijack user accounts. 

We made a challenge about this; can you fix it?

👉 bit.ly/secdimspotify

#appsec #programming #securecoding #python
SecDim (@secdim)

Thinking of Electron in your Frontend Development?

Electron Challenges are now available on SecDim Play.

See how vulnerabilities in your Electron code can compromise your system and learn how to fix them.

👉 bit.ly/secdimelectron

#securecoding #appsec #programming #js
SecDim (@secdim)

In August 2019, Felix aka [xi-tauw] & Matt Nelson reported a privilege escalation vuln in Valve's Steam client for Windows that allows arbitrary code execution with maximum system privileges.

We made a challenge for this; can you fix it?

👉 bit.ly/secdimcashedup

#appsec #programming
SecDim (@secdim)

We will be hosting a workshop at NDC Melbourne 2025 🇦🇺

Drop by to say Hello 👋

👉 bit.ly/secdimndcm25

#ndc #melbourne #appsec #securecoding
SecDim (@secdim)

Have you tried our new Exploitation Challenges for Solidity?

We flip the script on our Secure Coding, this time you need to write an effective exploit that can bypass the smart contract security.

👉 bit.ly/secdimsolexpl

#securecoding #appsec #programming #crypto #solidity
SecDim (@secdim)

In June 2016, StackOverflow faced a server outage exceeding 30 minutes caused by a regex security vulnerability exploited by a malicious post.

We made a challenge recreating this, think you can fix it?

👉 discuss.secdim.com/t/stack-overfl…

#securecoding #appsec #stackoverflow #regex
SecDim (@secdim)

Since day one @SecDim has been about making secure code learning accessible to all devs. Now we go one step further:
⚡ Free access for open source projects & volunteer-run meetups
We use OSS. We give back.
secdim.com/open-source/

#OpenSource #AppSec #SecureCoding
SecTalks (@sectalks)

Something different this time: Shells, Scripts & Syn-Floods: An Unfiltered AMA - SecTalks SYD0x5D (93). Tue 8th July. #meetup #cybersecurity meetup.com/sectalks/event…

SecDim (@secdim)

In March 2025, Rachid & Yasser disclosed a critical vulnerability in Next.js: CVE-2025-29927. Allowing middleware auth bypass, and access to sensitive data.

We made a challenge of it. Available in our Weekly game for 2 weeks.

👉 bit.ly/4f1BA4t

#appsec #securecoding
SecDim (@secdim)

We will be hosting an AI Wargame at #blackhat USA 2025 🇺🇸

Join in on the experience of firsthand security weaknesses of GenAI. 

Prizes are sponsored by Black Hat 🎁 

Laptops are provided, only participation is required

👉 secdim.com/news/secdim-ai…

#appsec #ctf #securecoding
SecDim (@secdim)

We will be hosting a Fix The Flag contest with AppSec Village at DEF CON 33 this week.

👉 Go Check it out: secdim.com/defcon

Our biweekly incident inspired challenges will resume after this contest.

#appsec #defcon #ctf
SecDim (@secdim)

Shout out to m4r10r0s51.sec for their challenge contributions to AppSec Village Fix the Flag CTF at DEF CON 33. We are featuring the contributions by them in our Bi-Weekly Incident Game for everyone to try! Check it out: 👉 play.secdim.com/game/weekly-in… #web3 #appsec #blockchain

SecDim (@secdim)

Congratulations to Galoget for a 1st place finish at AppSec Village Fix the Flag competition at DEF CON 33 🏆

Honorable mention to Ceevase for being the Runner up.

Shout out to zi0Black and @becojo@mastodon.social for being the Challenge Contribution Winners 🧱

#appsec #programming #ctf