Changelog

Follow up on the latest improvements and updates.


We have introduced XP and Activity Streaks directly to the HTB Profile. This update allows you to highlight your continuous learning and hands-on skills to the community and potential employers.
We have added two new preparation tracks to Hack The Box (HTB) Labs to help users prepare for our web security certifications.
The HTB Certified Web Exploitation Specialist (HTB CWES) preparation track builds a foundation in identifying and exploiting common web vulnerabilities. For those looking for a deeper dive, the HTB Certified Web Exploitation Expert (HTB CWEE) preparation track focuses on advanced techniques and chaining vulnerabilities in complex, real-world scenarios.
Both tracks consist of hands-on challenges designed to bridge the gap between theory and exam performance.

new

Labs

Academy

Profile

Account

Badges are now part of your HTB Profile

Your HTB Profile now includes an automated Badges showcase that highlights your achievements across HTB Labs and Academy. Clicking any badge reveals the full artwork, completion criteria, and global rarity statistics. This update helps you track your total progress and provides a public-facing snapshot of your milestones.
We have successfully rolled out HTB XP, a cumulative points system that tracks lifetime growth across the entire HTB Labs and Academy platforms.
Key Updates:
  • Cumulative XP: XP is now awarded for Machines, Challenges, Academy Modules and Paths. This score is non-deductible and reflects your lifetime activity. More content integration is coming soon.
  • 1.3x Active Labs Multiplier: Completing Active Labs now grants an automatic 1.3x XP bonus.
  • New and Expanded Rank Grades: Climb through 7 new ranks, 3 sub-grades, and more than 100 levels for more frequent rewards, all the way to Grandmaster.
  • Weekly Streaks: A streak advances when 200 XP is earned within a calendar week (Monday 00:00:00 UTC to Sunday 23:59:59 UTC).
  • Streak Savers: Labs VIP/VIP+ (Monthly and Annual) and Academy Annual subscribers now automatically receive Streak Savers every month (Max 3 held at once).
Just days after two critical vulnerabilities were disclosed, you can now explore how they are exploited in the Snapped machine.
The foothold demonstrates CVE-2026-27944 in Nginx-UI, where the /api/backup endpoint is accessible without authentication. This endpoint returns a full backup of nginx and Nginx-UI configuration files, along with the key required to decrypt the backup via response headers, allowing you to recover a weak user password from the Nginx-UI database file.
After gaining initial access, the machine shifts focus to privilege escalation through CVE-2026-3888, a TOCTOU race condition between snap-confine and systemd-tmpfiles. The challenge involves the deletion and recreation of a temporary mimic directory under /tmp, where an attacker must race the cleanup process by recreating the directory with controlled content and influencing execution timing via AF_UNIX socket backpressure during the bind-mount sequence.
By successfully winning the race condition, you can poison the sandbox’s shared libraries and leverage dynamic linker hijacking against the SUID-root snap-confine binary. This ultimately enables full system compromise, demonstrating how misconfigurations and race conditions can be chained together to escalate from initial access to root.
Shinra is a full-scale, medium-difficulty scenario consisting of 14 Machines and 12 flags. It demonstrates how covert techniques can bypass EDR, avoid SOC detection, and abuse trusted systems. It is designed for users who want to transition from pentesting to red team engagements.
We have also released two Mini Pro Lab scenarios:
  • Reflection: An Active Directory scenario involving three Machines. Users must chain multiple weaknesses across services and identity infrastructure to achieve full domain compromise.
  • Trusted: An internal red team engagement across two Machines. Users start with zero credentials on the internal network to assess the security posture of the environment.

new

Labs

Academy

Capture The Flag

HTB Profile is now live

HTB Profile introduces a centralized view of your achievements and skills across Hack The Box platforms.
With the HTB Profile, you can:
  • Create a complete overview of your acquired skillset, inside and outside of HTB.
  • Track certifications, CTF events, and all HTB achievements in one place.
  • Access an automatically updated profile based on platform activity.
  • Share your profile with peers and recruiters.
Learn more about it here.
New advanced filters have been added to the retired tabs to improve content discovery across Machines, Sherlocks, and Challenges.
With this update, users can:
  • Filter by vulnerability, area of interest, language, or technique.
  • Combine multiple filters for more precise results.
  • Share filtered views via URL with teammates.
This enhancement reduces search time and improves navigation across HTB Labs content.
New stats have been added to the HTB Labs profile tab to improve visibility into user progress.
This update includes:
  • A chronological overview of machine completions.
  • A difficulty breakdown visualization using progress rings.
  • Centralized tracking for Pro Labs, Mini Pro Labs, and Fortresses.

new

Labs

Enterprise

Offensive

OWASP Top 10 2025 Track now available

The Hack The Box OWASP Top 10 2025 track introduces you to the most critical web application security risks facing modern applications.
Included in the track are 10 hands-on challenges ranging from Very Easy to Medium that have been aligned with the latest OWASP Top 10. By completing these challenges, you will learn how to identify and exploit common vulnerabilities, strengthening your ability to assess web applications in real-world environments.
Challenges include scenarios where you will uncover potential vulnerabilities, secure critical intelligence, infiltrate digital systems, analyze platform architecture, and more.