Hack The Box

🚨 Did you miss the exclusive April content drop? 🚨 New exclusive content has landed on Hack The Box, with fresh challenges across offensive and defensive security. Introducing Branch, an Exclusive Machine focused on real-world exploitation paths across Web Applications and Artificial Intelligence. Players will explore an authenticated RCE vulnerability in Gogs — CVE-2025-8110 — alongside a command injection vulnerability in the Ray distributed AI compute engine — CVE-2023-6019. Also included in this month’s drop is IncipientBreeze-1, an exclusive defensive Sherlock where players perform threat intelligence on UNC3886. Starting with the MITRE ATT&CK framework, players will investigate malware used by the threat actor, uncover tactics and techniques, and build actionable intelligence to strengthen defenses against a sophisticated adversary. Plus, take on PickMe, an exclusive offensive Challenge demonstrating a scenario mapped to CVE-2026-26215, a pickle deserialization RCE in manga-image-translator shared mode. Exclusive Machine: Branch Type: Offensive Domains: Web Applications, Artificial Intelligence Exclusive Sherlock: IncipientBreeze-1 Type: Defensive Domains: OSINT, Threat Hunting Exclusive Challenge: PickMe Type: Offensive Domains: Web Applications Ready to dive into April’s exclusive drop? #HackTheBox #HTB #CyberSecurity #ContentDrop #OffensiveSecurity #DefensiveSecurity #WebSecurity #ArtificialIntelligence #ThreatIntelligence #ThreatHunting #OSINT #MITREATTACK #RCE

Inside this month's ThreatReady Newsletter... Cyber readiness is not a claim. It is a stress test. April at Hack The Box was all about proving capability under pressure, from the launch of registration for the Global Cyber Skills Benchmark 2026 to new advances in AI red teaming, cyber workforce validation, and hands-on platform updates. Here’s what stood out: 🌍 The Global Cyber Skills Benchmark 2026 is open From May 15–20, corporate security teams can compete in a free, five-day live-fire CTF to benchmark real-world readiness against global peers. 🤖 AI security takes center stage HTB launched the Certified Offensive AI Expert certification, built for professionals who need to assess, exploit, and harden AI systems in realistic conditions. ⚡ Automation is accelerating cyber risk HTB research showed how AI-augmented specialists can uncover viable attack paths significantly faster, reinforcing the need for skilled human judgment alongside automation. 🏆 Industry recognition for HTB Hack The Box was recognized across major 2026 cybersecurity awards for training, readiness, and AI security innovation. Plus, loads more, including new platform updates. 🛠 #Cybersecurity #CyberReadiness #AIsecurity #CTF #HackTheBox

Who is responsible for AI security? With AI operations, many professionals are struggling to determine where the line of responsibility is drawn. HTBs AI Red Teamer path uses Google's Secure AI Framework (SAIF) to map out the entire AI pipeline, from training data to agent integration, so you know exactly where vulnerabilities lie and who is accountable for them. Ready to prove your expertise? Take it a step further with the HTB COAE certification. Start your journey here: https://okt.to/bD0Lih #HackTheBox #AIredteaming #cybersecurity #redteaming

Which CTF will you build next? 🛠️ Our CTF packs continue to expand into new domains, helping your teams build, validate, and benchmark practical cyber skills through hands-on scenarios aligned with real-world workflows. Linux Fundamentals Build practical Linux skills through beginner-to-intermediate, terminal-based scenarios. Cloud Forensics - Essentials: Investigate realistic cloud intrusions across AWS, Azure, and GCP. SATCOM Security - Essentials: Step into Operation Titan Link and explore the SATCOM attack surface. From foundational skills to specialized domains, these scenario packs turn learning into measurable capability, through engaging events you can build and tailor in minutes. Build your own event → https://okt.to/gqTjzQ #HackTheBox #Linux #cloudsecurity #redteam #CTF #capturetheflag #ThreatIntelligence

Huge congratulations to the winners of the UK Financial Services and Friends Security Hackathon, delivered in conjunction with Lloyds Banking Group and Google Cloud. It was brilliant to see so many talented participants come together to solve challenges, collaborate under pressure, and showcase their cybersecurity skills. A special well done to our inaugural winning team, who earned 1st place, lifted the trophy, and impressed throughout with their creativity, technical ability, and teamwork. 🍾 Finally, a special thank you to everyone who took part, and to Lloyds Banking Group and Google Cloud Security for helping make the event such a success.

The biggest CTF for corporate teams is here 🚩 Modern influence is built on a foundation of global dependency. Control the systems, and you control the world. Welcome to Project Nightfall. As major elections loom, state-backed crews are weaponizing trust to trigger global disruptions. Your orders are to identify the footholds and sever their access. Immerse your corporate team in a 5-day nation-state warfare scenario. Tackle real-world attack vectors across multiple cybersecurity categories and benchmark your readiness and true resilience. Join Global Cyber Skills Benchmark 2026 from May 15 - 20, 2026, for free: https://okt.to/EzL81U #HackTheBox #HTB #Cybersecurity #CTF #WarfareScenario #Attacks

Day 2 of the UK Financial Services and Friends Security Hackathon, and it’s all to play for. Keep your eyes peeled as we discover who will get their hands on the trophy. Of course, none of this would be possible without our fantastic partners at Lloyds Banking Group and Google Cloud 🙌

That’s a wrap on Day 1 of the UK Financial Services and Friends Security Hackathon, in partnership with Lloyds Banking Group and Google Cloud. Let’s see how Day 2 evolves. It’s fantastic to see the collaboration in the room. Together, we can continue defining what world-class talent looks like on the UK and global frontline. Manija Poulatova | Christine Bartlett | Pavlos Kolios | Nikos Fountas | Shelby Heard | Gina Owen | Theoni Papachristou

If you think securing an AI model starts and ends with the prompt, you are already behind 🏃♀️ Attackers are finding ways to compromise the system from the initial training data to the final output. We are breaking down the major AI attacks you cannot afford to ignore 👇 Level up your skills for the AI era with the new HTB COAE path and certifications. Start learning now: https://okt.to/EvwMic #HackTheBox #AI #InfoSec #HTBCOAE #OffensiveAI #AIAttacks #Cybersecurity

Your legacy will live on ⚔️ We are launching HTB XP, a unified progression system that tracks your growth across the entire ecosystem. Every Machine you pwn, every Challenge you solve, and every Academy Module you complete now contributes to a single, cumulative score that stays with you forever. What is new: 🕹️ 7 Ranks and 3 Sub-grades for granular tracking 🕹️ Over 100 levels to climb 🕹️ 1.3x XP boost for Active Labs 🕹️ Cumulative scores that never reset Explore the new ranks and start earning today: https://okt.to/QouHqf #HackTheBox #CyberSecurity #InfoSec #CareerGrowth #XP #Hacking