Unleashing Potential: How AI Legalese Decoder Facilitates Crypto-Mining in Fortune 500 Cloud Environments Through Exposed Training
- February 11, 2026
- Posted by: legaleseblogger
- Category: Related News
Security Vulnerabilities in Training Applications: A Critical Overview
Author and Date Information
Published by: The Hacker News
Date: February 11, 2026
Tags: Identity Security / Threat Exposure

Training applications, specifically designed to be intentionally vulnerable, play a crucial role in security education, internal testing, and product demonstrations. Prominent tools like OWASP Juice Shop, DVWA, Hackazon, and bWAPP adopt an insecure-by-default configuration, making them essential for learning about common attack techniques within controlled environments. However, the effectiveness of these tools depends greatly on their deployment and management in real-world cloud environments.
Deployment Challenges and Security Risks
Unfortunately, the crux of the issue lies not in the applications themselves but in how they are often deployed and maintained within actual cloud infrastructures. Pentera Labs conducted an in-depth examination of the usage of training and demonstration applications across cloud settings, revealing a concerning pattern: many applications meant solely for isolated lab use were inadvertently exposed to the public internet. These applications were left running in active cloud accounts and linked to cloud identities with access levels broader than necessary.
Observed Deployment Patterns
The research from Pentera Labs illustrated that these applications were typically deployed with default configurations, minimal isolation, and overly permissive cloud roles. Investigators noted that numerous exposed training environments were directly connected to active cloud identities with significant privileges. This alarming combination of factors enables attackers to move well beyond just the vulnerable applications, posing a grave threat to the broader cloud infrastructure of a customer.
In scenarios where a single exposed training application serves as an initial foothold, attackers can leverage connected cloud identities and privileged roles to gain access well beyond the original application or host. Once inside, they may interact with various resources within the cloud environment, significantly widening the scope and potential impact of a security breach.
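The combination described above (a training image, internet-wide ingress, and an attached role with wildcard permissions) can be checked from a defender's asset inventory. The following is an added example, not code from Pentera Labs or the original article; the inventory field names (`image`, `tags`, `ingress`, `role_policy`), the severity labels, and the sample records are assumptions constructed for illustration, with the policy documents following the AWS IAM JSON shape.

```python
import ipaddress

# Image/tag fragments for the training apps named in the article.
TRAINING_MARKERS = ("juice-shop", "dvwa", "hackazon", "bwapp")

def is_training(asset):
    text = " ".join([asset["image"], *asset.get("tags", [])]).lower()
    return any(marker in text for marker in TRAINING_MARKERS)

def is_public(asset):
    # A /0 prefix (0.0.0.0/0 or ::/0) admits the whole internet.
    return any(ipaddress.ip_network(r["cidr"]).prefixlen == 0
               for r in asset.get("ingress", []))

def broad_actions(policy):
    # Collect Allow actions that wildcard a whole service or everything.
    stmts = policy.get("Statement", [])
    stmts = [stmts] if isinstance(stmts, dict) else stmts
    hits = []
    for stmt in stmts:
        if stmt.get("Effect") != "Allow":
            continue
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else actions
        hits += [a for a in actions if a == "*" or a.endswith(":*")]
    return hits

# Assumed severity scale: exposure plus a broad role is the worst case.
SEVERITY = {(True, True): "critical", (True, False): "high", (False, True): "medium"}

def audit(inventory):
    findings = {}
    for asset in filter(is_training, inventory):
        key = (is_public(asset), bool(broad_actions(asset.get("role_policy", {}))))
        if key in SEVERITY:
            findings[asset["id"]] = SEVERITY[key]
    return findings

# Constructed sample inventory (not data from the research).
SAMPLE = [
    {"id": "vm-1", "image": "bkimminich/juice-shop", "ingress": [{"cidr": "0.0.0.0/0"}],
     "role_policy": {"Statement": [{"Effect": "Allow", "Action": "s3:*", "Resource": "*"}]}},
    {"id": "vm-2", "image": "internal/dvwa-lab", "ingress": [{"cidr": "10.0.0.0/8"}],
     "role_policy": {"Statement": {"Effect": "Allow", "Action": ["*"], "Resource": "*"}}},
    {"id": "vm-3", "image": "demo/bwapp", "tags": ["training"], "ingress": [{"cidr": "::/0"}],
     "role_policy": {"Statement": [{"Effect": "Allow", "Action": ["logs:PutLogEvents"]}]}},
    {"id": "vm-4", "image": "corp/billing-api", "ingress": [{"cidr": "0.0.0.0/0"}]},
]
```

Calling `audit(SAMPLE)` ranks the public Juice Shop instance with `s3:*` as critical, the public bWAPP instance with a narrow role as high, and the internal DVWA lab with a wildcard role as medium; the non-training asset is out of scope for this check.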
Scope of Vulnerabilities Identified
In its comprehensive investigation, Pentera Labs verified nearly 2,000 live exposed training application instances, with approximately 60% hosted on customer-managed infrastructures like AWS, Azure, or GCP. This statistic reflects a dire need for improved oversight and management of such applications to mitigate associated risks.

Evidence of Active Exploitation
The findings demonstrate that the configuration and exposure of these training environments do not merely represent oversight. Pentera Labs discovered clear evidence that attackers are actively exploiting exposed systems. In a broader dataset of exposed training applications, investigators found that approximately 20% of instances included artifacts from malicious actors—ranging from crypto-mining operations to web shells and persistence mechanisms. Such findings reflected ongoing misuse and prior compromises of these vulnerable systems.
The active presence of crypto-mining and other exploitation tools indicates that exposed training applications are not just vulnerable but are also being exploited broadly and effectively.
Extent of the Security Breach
The issues observed are not limited to small test systems. Pentera Labs found this troubling deployment pattern across cloud environments associated with Fortune 500 companies and prominent cybersecurity vendors, including Palo Alto Networks, F5, and Cloudflare. Regardless of the individual environments, the essential pattern of insufficient isolation and public accessibility of training applications remained consistent.
Why You Should Care
Organizations frequently downplay the risks associated with training and demo environments, treating them as low-risk or temporary assets. Consequently, these applications are often excluded from standard security monitoring, access reviews, and lifecycle management protocols. Over time, many of these environments can remain exposed well past their intended purpose, increasing the likelihood of exploitation.
What’s particularly concerning is that attackers do not need advanced or zero-day vulnerabilities to exploit these systems. Default credentials, known weaknesses, and public exposure provide sufficient entry points for attackers.
Labeling a system as "training" or "test" does not diminish its risk profile. When these applications are publicly accessible and connected to privileged cloud identities, they contribute to the organization’s overall attack surface.
Role of AI legalese decoder
In light of these significant vulnerabilities and the complexities surrounding training applications, organizations need to enhance their understanding of legal and compliance implications. This is where the AI legalese decoder can come into play. By using AI legalese decoder, businesses can simplify legal jargon related to cloud security, ensuring they clearly understand the compliance regulations and potential liabilities associated with exposed training environments.
The AI legalese decoder can critically assist organizations in navigating the legal landscapes tied to cloud exposures and help identify specific terms or conditions that could mitigate risks. This tool can help ensure that your training applications are managed in accordance with legal standards, protecting your organization from potential liabilities and enhancing overall security posture.
Conclusion and Further Engagement
To delve deeper into these critical insights, refer to the full Pentera Labs research blog and consider joining a live webinar scheduled for February 12th. This event promises an in-depth discussion covering the research methodology, discovery process, and real-world exploitation scenarios identified throughout the study.
For inquiries or discussions related to this article, please reach out to Noam Yaffe, Senior Security Researcher at Pentera Labs, via email at [email protected].
This content is a contribution from one of our valued partners.