This is what we delivered this month, our latest events, workshops and presentations. Enjoy!
New Challenges 
- Middleware.js inpsired by CVE-2025-29927 in Next.js.
- Pin.github inspired by tj-actions and reviewdog incidents
- Curl Eval.github
- Script Injection.github
- Forbidden Command.github
- TocTou.cpp and TocTou.c inspired by CVE-2025-23359 - The NVIDIA Container Toolkit Vulnerability
- Null Pointer Dereference.cpp
- Dangling Pointer.cpp
- Command Injection.cpp
- Uninitialized Var.cpp
- Use After Free.cpp
- Integer Overflow II.cpp
- Heap Buffer Overflow.cpp
- Format String.cpp
- Stack Buffer Overflow.cpp
- Subaru.py inspired by Subaru Starlink Vulnerability
- Compare.go inspired by Google Keyczar Crypto Vulnerability
Platform
- Dr.SecDim: we introduced an AI mentor for secure learning
- Add Cloud Developer Environment (CDE) support to SecDim Learn
- Add file explorer for challenge solution hints
- Extract training data from dashboard
- Show game completion data for each user in the dashboard
- Add file explorer for user challenge solutions in the dashboard
Blog
- LLM security is broken, here is the data
- What is wrong with Escaping or Input Sanitization
- LLM to RCE using "broken pickles"
Events
Our upcoming events
Backdooring LLMs on Huggingface: Trends and Live Secure Coding @ SecTalks Singapore- AI Wargame @ BlackHat Asia 2025
- Workshop: Fix the Flag - Proactively Defending your software