Bouquets imported to Europe found to be heavily contaminated, often with chemicals banned in EU and UKStay away from roses this Valentine’s Day, environmental campaigners have warned after testing revealed them to be heavily contaminated with pesticide…
I’m an AI millionaire in Washington. Tax me
This year, my wife and I will owe the biggest federal tax bill ever. And I’m not the least bit mad about it. But I wish the state were taking a bit of it, too.
EU leaders welcome US tone shift in Rubio’s Munich speech – DW.com
EU leaders welcome US tone shift in Rubio’s Munich speech DW.comRubio reassures Europe’s leaders of US backing — but only if they change course CNNAmerica’s charm offensive in Munich masks harder line on Europe Politico…
Hack The Box: Soulmate machine walkthrough – Easy Difficulitty
Just completed the Soulmate machine on Hack The Box — rated Easy, but packed with a satisfying vuln chain!
Started with subdomain enumeration → discovered an exposed CrushFTP admin panel on ftp.soulmate.htb. Exploited an unauthenticated API flaw (CVE-2025-31161 style) in the /WebInterface/function/ endpoint to enumerate users and create a backdoor admin account. From there, abused broken access controls in User Manager to reset the “ben” account password. Logged in as “ben” → gained VFS access to /webProd (the main web root), uploaded a PHP webshell → got RCE as www-data with a reverse shell.
Credential reuse let me su ben and grab user.txt
Root came via a backdoored Erlang SSH daemon on localhost:2222 (hardcoded always-true auth, running as root) → trivial escalation to root Eshell and root.txt
Key takeaways: exposed admin panels are goldmines, weak API auth leads to quick takeovers, credential reuse is still everywhere, and custom services with backdoors can hand you root on a platter.
Loved the progression from web misconfig → file write → RCE → local privesc. Solid learning box!
#HackTheBox #HTB #CyberSecurity #PenetrationTesting #CTF #PrivilegeEscalation #RCE #BugBounty #RedTeam
The post Hack The Box: Soulmate machine walkthrough – Easy Difficulitty appeared first on Threatninja.net.
Tolerance of Iranian regime gives comfort to every bully, says shah’s son
Prince Reza Pahlavi, son of the deposed shah, was speaking at the Munich Security Conference.
Limited government shutdown likely to linger for at least 10 days as Congress takes break
13% of federal civilian workforce is affected, although DHS – which spurred budget standoff – remains fundedA limited US government shutdown came into effect on Saturday – the third of Donald Trump’s second term – after negotiations between the White H…
Limited government shutdown likely to linger for at least 10 days as Congress takes break
13% of federal civilian workforce is affected, although DHS – which spurred budget standoff – remains fundedA limited US government shutdown came into effect on Saturday – the third of Donald Trump’s second term – after negotiations between the White H…
Roy Medvedev, Soviet Era Historian and Dissident, Is Dead at 100
His score of books and hundreds of essays documented Stalinist executions, Communist repressions and censorship, and the transition to post-Soviet Russia.
Russian opposition leader Alexei Navalny was poisoned by deadly ‘dart frog’ toxin, Europeans say – NBC News
Russian opposition leader Alexei Navalny was poisoned by deadly ‘dart frog’ toxin, Europeans say NBC NewsRussia killed opposition leader Alexei Navalny using dart frog toxin, UK says BBCMunich Security Conference live: Russia pois…
News24 | Europe weighs nuclear independence amid Russia threat and US doubts
European leaders, worried about threats from a nuclear-armed Russia and doubts about the future of US security commitments, are increasingly debating whether to bolster nuclear arsenals on the continent.