Ranzgruppe got some updates.
You can read it in the news of the site.
Another challenge related news:
found two security vulnerabilites in gdo6-session-cookie
Jusb3 managed to spoof cookies via Padding Oracle Attack
and also would be able to read the contents of the encrypted cookie via CRIME
The cipher i used is/was aes-256-cbc
Both issues have been fixed by Jusb3 via two pull requests.
Thanks from my side to you, Jusb3!