08/04/2025 What's new? April 2025 This is what we delivered this month, our latest events, workshops and presentations. Enjoy! New Challenges Middleware.js inspired by CVE-2025-29927...
02/04/2025 The Chrome Swiftshader Vulnerability In May 2018, a critical vulnerability was discovered in Chromium Browser’s SwiftShader renderer, allowing attackers to exploit floating-point precision errors...
26/03/2025 The Google Keyczar Crypto Vulnerability Google’s Keyczar library suffered from a timing side-channel vulnerability involving its HMAC signature verification. Specifically, the default HMAC-based “compare” operation...
26/03/2025 CVE-2025-29927: Next.JS Authorization Bypass Secure Coding Challenge In light of the newly identified Next.js authorization bypass (CVE-2025-29927), we’re making our “Middleware.js” secure coding challenge completely free to...
25/03/2025 Free GitHub Actions Challenge for tj-actions & reviewdog Incidents In light of the recent tj-actions and reviewdog GitHub Actions security incidents, we’ve made our “Improper Artifact Integrity Validation” CI/CD...
24/03/2025 Why We’ve Introduced an AI-Powered Secure Code Learning Mentor It’s no secret: large language models (LLMs) are transforming how developers write code, ship features, and even fix vulnerabilities. But...
20/03/2025 CVE-2025-23359 - The NVIDIA Container Toolkit Vulnerability Researchers from Wiz, Shir Tamari, Ronen Shustin, and Andres Riancho have uncovered a bypass for a previously fixed security vulnerability...
10/03/2025 Why Secure Code Training Sucks Your secure code training has already failed, if making it mandatory is the only way to get your developers onboard....
05/03/2025 Hacking Subaru - The Subaru Starlink Hack On November 20, 2024, Shubham Shah and Sam Curry discovered that Subaru’s STARLINK connected vehicle service was found to contain...