TryHackMe

🚨 The AI1 Certification is live and with a special 30% off launch offer you don't want to miss 😉 Attack the system. Build the defence. Prove the skill. Earn the credential built for the next era of cyber security ⚡ Get certified in AI security with TryHackMe ▶️ tryhackme.com/certification/…

Manual privilege escalation checks are great, until you're on a timed engagement. Automated enumeration tools don't replace understanding, they amplify it. You still need to know what the output means. Learn the tools. Understand the output. Move faster. 🔧

Here's what you'll practice 👇 🤖 Run automated Linux enumeration tools 🔍 Find and weaponize public CVE exploits 👁️ Monitor processes with pspy to catch cron

⚡ Stop doing it the slow way. Automate your Linux privilege escalation workflow on TryHackMe. See thread for more 👇 🔗 tryhackme.com/room/linprivau…

Past the beginner stage in cyber? 👀 Try one of these intermediate project ideas Build labs. Simulate attacks. Investigate alerts. Analyze malware. Practice response. Start learning hands-on with TryHackMe ▶️ tryhackme.com/hacktivities?u…

@Krafti_ You should try it, and hit up that streak again 🚀

@tryhackme Lost my nearly 365 day streak during a red-eye flight and been unmotivated to jump back on the platform since. Don't know if logging in different timezones within 6 hours messed things up. The new AI Security path looks 👌🏼 though!

Now that we know the crazy places you saved your streak...Whats the crazy reason you lost it?? Top 3 best excuses gets 5 streak freezes...

WHAT THAT LOOKS LIKE These aren't theoretical threats ⚔️ Prompt injection ⚔️ RAG data poisoning ⚔️ Backdoors in model artifacts ⚔️ Supply chain attacks on Al dependencies The gap between Al being deployed and teams knowing how to secure it is where attackers live.

WHY THIS MATTERS NOW The Al attack surface is new, Al is moving fast and the threats are real. ⚔️ New attack paths 🔴 Real production risk 👨‍🏫 Teams still untrained

Prompt injection. RAG poisoning. Model backdoors👀 AI security is here, and so is your chance to win a 1 of 100 free AI1 certs 🧵See the read for more! 🗳️ Nominate + vote now: tryhackme.com/certification/…

@J_A_Sadeeq Are you in school for 24hours a day?

@tryhackme School

@MBE_Maestro thats not the worst excuse

@tryhackme School exams are coming up

@cSh4rk I would have cried 😭

🧵Attackers don't fear your tools. They fear your detections, when they're actually good. A bad detection is just noise. A good one is a trap. The difference is the person who built it. Understanding how detections are made tells you exactly where the gaps are, from either side of the keyboard.

Every alert your SOC fires had to be built by someone. Most people respond to detections. Few understand how they're made or why so many miss the mark. Learn to build smarter ones. 🧵 Check the threads below 🔗 tryhackme.com/room/introtode…

🧵 What's inside Intro to Detection Engineering: 1️⃣Learn what Detection Engineering is and its role in a SOC. 2️⃣ Understand the Detection Engineering Life Cycle. 3️⃣ Develop your Detection Engineer mindset. You'll never look at a SOC alert the same way.

AI security is becoming one of the fastest-growing areas in cyber. 🤖 So we’re giving 100 people free access to AI1. Your nomination & vote decides who gets them 🗳️ 👉 Help decide who gets certified for free: tryhackme.com/certification/…

Software engineers already have more security-relevant skills than they think. Before applying for your first security role, get comfortable with these 3 tools: Nmap, Burp Suite & Wireshark Learn them. Use them. Talk about them in interviews 🚀 👉 Build hands-on security skills on TryHackMe: tryhackme.com/hacktivities?u…

We didn’t “update” Web Security. We rebuilt the whole thing. 😈 Every room rewritten. New CSRF Introduction room added. More hands-on exploitation. More real vulnerability research workflow. Your web hacking arc starts here. 🕸️ 👉 Jump into the Jr Penetration Tester path: tryhackme.com/the-red-raffle…

A quick update on the Gitea vulnerability. Over 30,000 instances may still be exposed. The flaw (CVE-2026-27771) lets anyone pull private container images without authentication. Many organizations have not patched yet. If you run Gitea, check your version immediately and update to 1.26.2 or later. Temporary workaround: Enable REQUIRE_SIGNIN_VIEW.