At a glance: Threat actors are abusing intentionally vulnerable security training and testing applications that have been deployed incorrectly. Leveraging the built-in weaknesses of these tools, threat actors can gain remote code execution, harvest credentials, and pivot into production systems. This exposes a new class of supply chain risk, where tools meant for safe learning become an unmonitored entry point that impacts vendors, cloud providers, and managed service providers.
Threat summary
A report published January 21, 2026 showed threat actors exploiting intentionally vulnerable training and security-testing applications that organizations deploy for education, internal penetration-testing practice, and product demonstrations.
These applications, such as OWASP Juice Shop, bWAPP, Damn Vulnerable Web Application, and Hackazon, are intentionally insecure by design. They are built with known vulnerabilities so security teams can learn how attacks work in a controlled environment.
In the right setting, they are useful training tools. The problem arises when these applications are deployed on real cloud infrastructure, connected to real permissions, and left exposed to the Internet. When that happens, attackers can exploit the built-in weaknesses as intended, but with access to actual cloud resources instead of an isolated lab.
Researchers identified more than 10,000 of these applications online, hosted on Amazon Web Services (AWS), Google Cloud, and Microsoft Azure. Many belonged to Fortune 500 companies and major security vendors.
According to the investigation, attackers used these exposed applications to gain remote code execution, deploy webshells, plant cryptocurrency miners, and extract cloud credentials. In one confirmed case, a Hackazon instance deployed on a production AWS Elastic Compute Cloud server was compromised through an insecure file upload function. Attackers then accessed cloud metadata services, retrieved credentials, and pivoted deeper into the environment.
Insights
Threat actors are leveraging these applications because they offer a predictable and low-effort attack path. The vulnerabilities are intentional, well-documented, and easy to exploit. Many instances are deployed with default credentials, unpatched components, or excessive cloud permissions.
Because these applications are often treated as harmless lab tools, they are frequently excluded from monitoring, logging, and patching workflows. This allows attackers to bypass protections and operate with minimal detection. Once inside, they extract credentials, interact with cloud identity and access management roles, and move laterally into production systems.
Field Effect MDR reduces the impact of this threat by identifying abnormal interactions with web applications, unexpected file uploads, credential access, and lateral movement: the behaviors that commonly follow exploitation of these intentionally vulnerable training apps. Correlating these signals allows analysts to detect exploitation attempts early and investigate before attackers pivot deeper into production systems.
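The exploitation chain in the threat summary (insecure file upload, then a request to the cloud metadata service for credentials) is exactly the kind of sequence the correlation described above is meant to surface. The following is an added example, not code from the report or from Field Effect: it correlates a constructed web-server access log with constructed egress flow records for the same host and raises an alert when a successful upload is followed, within a short window, by traffic to the instance-metadata address. The log lines, the internal address 10.0.1.23, the upload endpoint name and the time window are all assumptions.

```python
"""Added example: flag "file upload -> instance-metadata request" on one host.
Sample data below is constructed and does not come from the report."""
import re
from datetime import datetime, timedelta, timezone

# Link-local address used by AWS, Azure and GCP for instance metadata.
METADATA_IP = "169.254.169.254"

# Constructed combined-format access log for a training app assumed to run on
# the internal address 10.0.1.23. The POST is the upload; the later GET to
# /uploads/ is the kind of follow-up request a planted script would receive.
ACCESS_LOG = """\
203.0.113.7 - - [21/Jan/2026:10:02:11 +0000] "GET /account/documents HTTP/1.1" 200 512
203.0.113.7 - - [21/Jan/2026:10:02:40 +0000] "POST /account/documents/upload HTTP/1.1" 200 88
203.0.113.7 - - [21/Jan/2026:10:02:55 +0000] "GET /uploads/doc.php HTTP/1.1" 200 64
198.51.100.9 - - [21/Jan/2026:10:30:00 +0000] "GET / HTTP/1.1" 200 1024
"""

# Constructed, simplified flow records: timestamp, source, destination, port.
EGRESS_LOG = """\
2026-01-21T10:03:01Z 10.0.1.23 169.254.169.254 80
2026-01-21T10:03:03Z 10.0.1.23 169.254.169.254 80
2026-01-21T10:31:00Z 10.0.1.23 203.0.113.50 443
"""

ACCESS_RE = re.compile(
    r'^(?P<src>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3})'
)


def parse_access(text):
    """Parse combined-format access log lines into event dicts."""
    events = []
    for line in text.splitlines():
        m = ACCESS_RE.match(line)
        if not m:
            continue
        events.append({
            "ts": datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z"),
            "src": m["src"], "method": m["method"],
            "path": m["path"], "status": int(m["status"]),
        })
    return events


def parse_egress(text):
    """Parse the simplified flow records into event dicts (UTC timestamps)."""
    events = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) != 4:
            continue
        ts = datetime.strptime(parts[0], "%Y-%m-%dT%H:%M:%SZ")
        events.append({"ts": ts.replace(tzinfo=timezone.utc),
                       "src": parts[1], "dst": parts[2], "port": int(parts[3])})
    return events


def correlate(access_text, egress_text, web_host, window=timedelta(minutes=10)):
    """Return one alert per successful upload that is followed by a metadata
    request from web_host inside the window. Assumption: upload endpoints on
    this app contain "upload" in their path; tune per application."""
    uploads = [e for e in parse_access(access_text)
               if e["method"] == "POST" and "upload" in e["path"].lower()
               and e["status"] < 400]
    metadata = [e for e in parse_egress(egress_text)
                if e["src"] == web_host and e["dst"] == METADATA_IP]
    alerts = []
    for up in uploads:
        hits = [m for m in metadata if up["ts"] <= m["ts"] <= up["ts"] + window]
        if hits:
            alerts.append({
                "src": up["src"],
                "upload_path": up["path"],
                "upload_time": up["ts"].isoformat(),
                "metadata_requests": len(hits),
                "first_metadata_request": hits[0]["ts"].isoformat(),
            })
    return alerts


if __name__ == "__main__":
    for alert in correlate(ACCESS_LOG, EGRESS_LOG, "10.0.1.23"):
        print("ALERT upload-then-metadata:", alert)
```

A web host that has no legitimate reason to read instance metadata after serving an upload is a strong signal on its own; in production the same rule is usually fed from a SIEM rather than flat files, and the upload-endpoint pattern should be taken from the specific training app's documented routes. Requiring session-token (IMDSv2-style) metadata access on the instance, and attaching an instance role with no permissions the demo does not need, reduces what a successful upload can reach even when detection is late.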
This threat trend is significant because it exposes a blind spot: tools intended for safe learning are being deployed in real environments with real privileges, creating a new class of supply-chain exposure that impacts vendors, cloud providers, and managed service providers.
When these applications are exposed to the Internet or connected to production networks, they create an unmonitored attack path that can lead to credential theft, cloud compromise, and downstream customer impact. The scale of exposure across cloud platforms shows that this is not an isolated misconfiguration, but a systemic operational issue affecting organizations of all sizes.
Recommendations
Removing or isolating intentionally vulnerable training applications from production networks and cloud environments can help mitigate risk. Restricting permissions for any training or demonstration application limits the impact of compromise, while network access controls prevent public exposure.
Regular discovery scans help identify forgotten or unmonitored applications, and rotating credentials reduces the risk of lateral movement following an initial compromise.
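The discovery scans recommended above need a way to recognise a training application once it has been found. The following is an added example, not code from the report: it fingerprints HTTP response bodies for the four applications named in the threat summary so that hits can be matched against a cloud inventory and removed or isolated. The signatures are assumptions based on each project's default page title, the sample inventory is constructed, and both should be validated against a locally deployed copy before being trusted in a real scan.

```python
"""Added example: fingerprint landing pages to find intentionally vulnerable
training apps during an asset-discovery scan. Signatures and sample data
are assumptions, not taken from the report."""
import re
from urllib.request import Request, urlopen

# Assumed signatures: each project's default <title>. Validate locally.
FINGERPRINTS = {
    "OWASP Juice Shop": re.compile(r"<title>\s*OWASP Juice Shop", re.I),
    "Damn Vulnerable Web Application": re.compile(
        r"Damn Vulnerable Web Application", re.I),
    "bWAPP": re.compile(r"<title>\s*bWAPP", re.I),
    "Hackazon": re.compile(r"<title>\s*Hackazon", re.I),
}

# Constructed inventory of URL -> landing-page body, as a discovery scan
# would collect it. The DVWA version string is made up for the sample.
SAMPLE_INVENTORY = {
    "https://demo-shop.example.com":
        "<html><head><title>OWASP Juice Shop</title></head><body></body></html>",
    "https://training.example.com/login.php":
        "<title>Login :: Damn Vulnerable Web Application (DVWA) v0.0</title>",
    "https://portal.example.com":
        "<html><head><title>Customer Portal</title></head></html>",
}


def identify(body):
    """Return the name of the training app whose signature matches, or None."""
    for name, pattern in FINGERPRINTS.items():
        if pattern.search(body):
            return name
    return None


def scan(inventory):
    """Run identify() over {url: body} and return findings sorted by URL."""
    findings = [{"url": url, "app": app}
                for url, body in inventory.items()
                if (app := identify(body)) is not None]
    return sorted(findings, key=lambda f: f["url"])


def fetch_body(url, timeout=5):
    """Fetch up to 64 KiB of a landing page for live scans of your own assets."""
    req = Request(url, headers={"User-Agent": "internal-asset-discovery"})
    with urlopen(req, timeout=timeout) as resp:
        return resp.read(65536).decode("utf-8", errors="replace")


def scan_live(urls):
    """Fetch each URL in the inventory and fingerprint it; unreachable hosts
    are skipped so one timeout does not abort the sweep."""
    bodies = {}
    for url in urls:
        try:
            bodies[url] = fetch_body(url)
        except OSError as exc:
            print(f"skip {url}: {exc}")
    return scan(bodies)


if __name__ == "__main__":
    for finding in scan(SAMPLE_INVENTORY):
        print(f"{finding['app']:35} {finding['url']}")
```

Feed `scan_live()` the public hostnames and load-balancer addresses from your cloud inventory, then treat every finding as an asset to remove from production or move behind network access controls; a match on a host that also carries a cloud role or production credentials is the case to handle first, since that is the combination the report describes being exploited.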