Search fresh public links, source activity, and post angles for Hackthebox.
Fresh curated links around hackthebox are collected here so marketers can spot useful updates and turn timely ideas into posts faster.
Recent items include:
Recent curated links from global sources. Generate one free draft from any story, then use SocialBu to schedule and refine your content calendar.
Компания Unintended недавно перевела свою инфраструктуру на Active Directory. Руководство обеспокоено тем, что устаревшие методы и упущенные из виду ошибки конфигурации могут сдела...
Вам поручено провести проверку на проникновение в компанию Puppet Inc. Компания не разрешает передачу данных за пределы внутренней сети, поэтому внутри компании был создан сервер у...
Годная машина на тему Windows AD, Kerberos. В начале разведки получаем доступ к гостевой шаре. Оттуда достаем файл с паролем, но не знаем от какой учетной записи. Проводим разведку...
North Korea-linked hackers are using AI-assisted malware and backdoored coding challenges to quietly loot millions in cryptocurrency from Web3 developers. Expel assesses with high...
📰 Originally published on SecurityElites — the canonical, fully-updated version of this article. DAY 14 🎯 BUG BOUNTY COURSE FREE Part of the 60-Day Bug Bounty Master...
Hackers have left a live Twitter/X credential‑stuffing botnet effectively unlocked, exposing its full command‑and‑control stack, worker fleet, and root passwords to anyone who know...
Intro A sophisticated, high-resilience malicious campaign was identified by Atos Threat Research Center (TRC) in March 2026. This operation specifically targets the high-privilege...
A large-scale credential harvesting operation has been observed exploiting the React2Shell vulnerability as an initial infection vector to steal database credentials, SSH private k...
Hacking Is Personal is an immersive hacking simulation that puts you in the role of a cybercriminal navigating the dangerous world of digital intrusion!...
Seven new BPFDoor variants that push Linux backdoor tradecraft deep into the kernel, making them harder to spot in large telecom networks. These implants use Berkeley Packet Filter...
Deep#Door is a stealthy Python-based Remote Access Trojan (RAT) that uses an obfuscated batch loader to deploy a persistent surveillance and credential-stealing implant on Windows...
Account Hacker: Rogue Login is a dark comedy social media sabotage simulation game...
Just a normal day. 23rd May, 2026. Wake up in the morning, pick up my friend from his house, head to the gym. Somewhere between sets, he casually mentions: "One of my client's...
Hackers are abusing Obsidian’s Shell Commands plugin and shared cloud vaults to deliver a new cross‑platform malware chain that ends with the PHANTOMPULSE remote access trojan. Att...
GitGuardian uncovers TeamPCP attack on Bitwarden CLI, abusing GitHub Dependabot to spread Shai-Hulud and poison AI coding tools.
Attackers are rapidly exploiting CVE-2026-39987 in the marimo Python notebook platform to deploy a new NKAbuse backdoor variant hosted on Hugging Face Spaces, turning AI/ML develop...
UAC-0184 uses a multi‑stage malware chain that abuses bitsadmin and HTA loaders to reach a heavily obfuscated payload bundle, ultimately hiding behind signed binaries such as VSLau...
Hello Hackers, Hope you guys are doing well and hunting lots of bugs and Dollars!Continue reading on InfoSec Write-ups »
Every time you think the industry has finally stopped doing some reckless, low-effort crap, somebody spins up a fresh box full of sketchy loaders, fake installers, recycled social-...
A domain controller hums in a way most people never hear. Not loud. Not dramatic. Just a steady administrative breath in the background of a network that believes it is orderly. S...
Picture this scenario: An Anthropic Skill scanner runs a full analysis of a Skill pulled from ClawHub or skills.sh. Its markdown instructions are clean, and no prompt injection is...
Threat actors are actively exploiting end-of-life F5 BIG-IP appliances to gain unauthorized SSH access into enterprise networks, using the compromised devices as launchpads for sop...
A newly observed intrusion demonstrates how attackers are replacing static playbooks with AI-driven agents that adapt in real time. The attack began on May 10, 2026, бѓ бѓќбѓ“бѓ”бѓ...
Rough Monday. Somebody poisoned a trusted download again, somebody else turned cloud servers into public housing, and a few crews are still getting into boxes with bugs that should...
Use SocialBu to discover ideas, generate post drafts, and schedule them across your social channels.