
During April 2025, Michael Leimgruber focused on backend security within the plone/plone.restapi repository, addressing a critical bug in the Schema Serializer. He identified and resolved an issue where protected fields could be exposed due to incorrect permission checks. By implementing permission caching directly on the serializer instance and updating all relevant permission check sites, he ensured proper access control and reduced the risk of unauthorized data exposure. This work, carried out in Python and leveraging skills in API development and security, improved both the reliability and maintainability of the codebase, with potential performance gains from the new caching approach.
April 2025 monthly summary, focusing on key achievements and business value. The standout item was a critical security bug fix in the plone.restapi Schema Serializer that prevents exposure of protected fields by correcting permission checks and caching permissions on the serializer instance. The change updates all permission check sites to enforce proper access control and reduces the risk of data leakage across the API.
