VulnHub

Real-time Cybersecurity News

Exposed Training Open the Door for Crypto-Mining in Fortune 500 Cloud Environments

The Hacker News
Actively Exploited

Overview

Recent findings have raised concerns about the security of training applications used in cybersecurity education. These applications, such as OWASP Juice Shop and DVWA, are intentionally designed to be vulnerable, allowing users to learn about common attack techniques. However, researchers have discovered that these insecure applications, when deployed in cloud environments, can be exploited for unauthorized crypto-mining activities. This poses a significant risk for organizations, particularly those in the Fortune 500, as attackers can leverage these vulnerabilities to siphon resources and potentially compromise sensitive data. The use of such training tools must be carefully managed to avoid exposing corporate environments to additional risks.

Key Takeaways

  • Active Exploitation: This vulnerability is being actively exploited by attackers. Immediate action is recommended.
  • Affected Systems: OWASP Juice Shop, DVWA, Hackazon, bWAPP
  • Action Required: Organizations should implement strict access controls and monitor the deployment of training applications in their environments.
  • Timeline: Newly disclosed

Original Article Summary

Intentionally vulnerable training applications are widely used for security education, internal testing, and product demonstrations. Tools such as OWASP Juice Shop, DVWA, Hackazon, and bWAPP are designed to be insecure by default, making them useful for learning how common attack techniques work in controlled environments. The issue is not the applications themselves, but how they are often

Impact

OWASP Juice Shop, DVWA, Hackazon, bWAPP

Exploitation Status

This vulnerability is confirmed to be actively exploited by attackers in real-world attacks. Organizations should prioritize patching or implementing workarounds immediately.

Timeline

Newly disclosed

Remediation

Organizations should implement strict access controls and monitor the deployment of training applications in their environments. Regular security assessments and updates to the training tools may also help mitigate risks.

Additional Information

This threat intelligence is aggregated from trusted cybersecurity sources. For the most up-to-date information, technical details, and official vendor guidance, please refer to the original article linked below.

Read Original Article

Related Coverage

Your AI doctor doesn’t have to follow the same privacy rules as your real one

CyberScoop

AI applications are increasingly entering the healthcare space, but they may not be required to follow the same privacy regulations that traditional healthcare providers must adhere to. This raises concerns about how patient data is handled, as there is no guarantee that these AI tools will implement stringent data security measures. Patients using AI for medical advice might be at risk of their personal health information being mismanaged or inadequately protected. As healthcare technology evolves, it's crucial for users to be aware of the potential privacy implications and for regulators to consider updating laws to keep pace with these advancements. The situation calls for careful scrutiny to ensure that patient rights are upheld in an increasingly digital healthcare environment.

Feb 11, 2026

North Korean Hackers Use Deepfake Video Calls to Target Crypto Firms

Infosecurity Magazine

North Korean hackers have launched a sophisticated campaign targeting cryptocurrency firms by using deepfake video calls to impersonate legitimate company representatives. These attackers have stolen Telegram accounts and are conducting fake Zoom meetings to trick users into installing infostealer malware. This malware is designed to harvest sensitive information, which could lead to significant financial losses for the affected companies. The use of deepfake technology in these scams highlights a concerning trend in cybercrime, where attackers are becoming increasingly adept at using advanced tactics to deceive their targets. Cryptocurrency firms, already vulnerable to various cyber threats, must remain vigilant against such innovative attack methods.

Feb 11, 2026

AI-generated React2Shell malware infects 90-plus hosts

SCM feed for Latest

Researchers have recently identified a new strain of malware named React2Shell, which has infected over 90 hosts. This malware, discovered through a Docker honeypot, is primarily used for cryptojacking, a practice where attackers hijack computing resources to mine cryptocurrency without the owner's consent. The emergence of React2Shell signals a growing trend in the use of artificial intelligence to create more sophisticated malware. Organizations need to be vigilant about their Docker environments and ensure they have robust security measures in place to protect against such threats. The impact of this malware could lead to significant financial losses for businesses if their systems are compromised.

Feb 11, 2026

Is spyware hiding on your phone? How to find out and remove it - fast

Latest news

The article discusses the possibility of spyware infecting smartphones, alerting users to signs that their devices may be compromised. It emphasizes that unusual behavior, such as faster battery drain, unexpected data usage, and unfamiliar apps, can indicate spyware presence. The piece provides guidance on how to identify and remove such malicious software quickly. Given the rise in cyber threats, this information is crucial for users to protect their personal data and maintain their device security. Understanding how to detect and eliminate spyware can help individuals avoid potential privacy breaches and unauthorized access to sensitive information.

Feb 11, 2026

Conduent Breach Hits Volvo Group: Nearly 17,000 Employees’ Data Exposed

SecurityWeek

A recent data breach involving Conduent has compromised the personal information of nearly 17,000 employees at Volvo Group, part of a much larger incident affecting at least 25 million individuals. Initially thought to involve only 10 million people, the breach has expanded significantly, raising concerns about data security across numerous organizations. The exposed data could include sensitive information, putting affected employees at risk for identity theft and other malicious activities. This incident emphasizes the need for companies to bolster their cybersecurity measures and protect sensitive employee data. The breach's scale indicates a potential vulnerability in third-party vendor systems, which can have widespread implications for many businesses relying on such services.

Feb 11, 2026

Ivanti Patches Endpoint Manager Vulnerabilities Disclosed in October 2025

SecurityWeek

Ivanti has addressed a serious security flaw in its Endpoint Manager software, which was disclosed in October 2025. A high-severity authentication bypass vulnerability was identified, allowing attackers to remotely exploit the system without needing any form of authentication. This means that unauthorized users could potentially gain access to sensitive credentials. The implications of this vulnerability are significant, as it could expose organizations to data breaches and unauthorized access. Users of Ivanti Endpoint Manager are strongly encouraged to apply the latest patches to secure their systems and safeguard their information.

Feb 11, 2026