https://www.hackthebox.gr/rss/blog/threat-intelligence All the latest news and insights about cybersecurity from Hack The Box. Hacking trends, insights, interviews, stories, and much more en https://www.hackthebox.gr/images/landingv3/logo-htb-blog.svg https://www.hackthebox.gr/rss/blog/threat-intelligence https://www.hackthebox.gr/blog/path-traversal-vulnerabilities-in-jupyter-nbconvert Think Jupyter notebooks are safe? This breakdown reveals how nbconvert path traversal flaws allow file reads and writes without ever executing a single cell. ]]> Threat Intelligence Tue, 28 Apr 2026 14:23:00 +0000 https://www.hackthebox.gr/blog/path-traversal-vulnerabilities-in-jupyter-nbconvert https://www.hackthebox.gr/blog/CVE-2026-27944-CVE-2026-3888 Learn all about CVE-2026-27944 and CVE-2026-3888, two high-impact vulnerabilities affecting Nginx-UI and snapd, enabling unauthenticated data exposure and local privilege escalation. ]]> Threat Intelligence Mon, 23 Mar 2026 13:27:00 +0000 https://www.hackthebox.gr/blog/CVE-2026-27944-CVE-2026-3888 https://www.hackthebox.gr/blog/us-federal-judiciary-cyberattacks-solarwinds-pacer A technical breakdown of the 2020 and 2025 cyberattacks on US federal judiciary systems, including SolarWinds, PACER vulnerabilities, and key defensive lessons. ]]> Threat Intelligence Fri, 30 Jan 2026 13:57:00 +0000 https://www.hackthebox.gr/blog/us-federal-judiciary-cyberattacks-solarwinds-pacer https://www.hackthebox.gr/blog/n8n-ni8mare-cve-2026-21858-cve-2025-68613 Dive into Ni8mare (CVE-2026-21858) and CVE-2025-68613—two critical n8n bugs that chain into unauthenticated RCE. See the exploit in action and practice on our new BloodFlow machine. ]]> Threat Intelligence Wed, 28 Jan 2026 16:08:00 +0000 https://www.hackthebox.gr/blog/n8n-ni8mare-cve-2026-21858-cve-2025-68613 https://www.hackthebox.gr/blog/war-room-mongobleed-cve-2025-14847-mongodb-memory-leak-vulnerability Learn all about CVE-2025-14847, the High Vulnerability MongoDB memory leak vulnerability allowing unauthenticated memory disclosure. ]]> Threat Intelligence Wed, 07 Jan 2026 12:30:00 +0000 https://www.hackthebox.gr/blog/war-room-mongobleed-cve-2025-14847-mongodb-memory-leak-vulnerability https://www.hackthebox.gr/blog/godrat-financial-sector-attack-analysis A deep dive into GodRAT’s financial sector intrusion, mapping its attack chain, steganographic loaders, and RAT techniques to MITRE ATT&CK and real-world defenses. ]]> Threat Intelligence Thu, 18 Dec 2025 17:00:00 +0000 https://www.hackthebox.gr/blog/godrat-financial-sector-attack-analysis https://www.hackthebox.gr/blog/react2shell-cve-2025-55182-threat-spotlight A deep dive into React2Shell (CVE-2025-55182), the critical remote code execution vulnerability affecting React Server Components and Next.js. ]]> Threat Intelligence Wed, 10 Dec 2025 12:01:00 +0000 https://www.hackthebox.gr/blog/react2shell-cve-2025-55182-threat-spotlight https://www.hackthebox.gr/blog/asahi-ransomware-attack-analysis-mitre-mapping-qilin Dive into the Asahi ransomware attack. See how Qilin breached operations, mapped to MITRE ATT&CK, and how HTB labs train teams to stop it. ]]> Threat Intelligence Thu, 20 Nov 2025 09:29:00 +0000 https://www.hackthebox.gr/blog/asahi-ransomware-attack-analysis-mitre-mapping-qilin https://www.hackthebox.gr/blog/industrial-cybersecurity-asahi-attack-lessons Based on our recent webinar, we unpack the anatomy of the attack and what it reveals about today’s ICS/OT threat landscape. ]]> Threat Intelligence Fri, 14 Nov 2025 12:01:00 +0000 https://www.hackthebox.gr/blog/industrial-cybersecurity-asahi-attack-lessons https://www.hackthebox.gr/blog/dissecting-scattered-spider-webinar-ransomware-social-engineering Discover how Scattered Spider blends social engineering with technical precision to launch high-impact ransomware attacks. ]]> Threat Intelligence Wed, 05 Nov 2025 09:57:00 +0000 https://www.hackthebox.gr/blog/dissecting-scattered-spider-webinar-ransomware-social-engineering