Cybercriminals are actively exploiting misconfigured web applications used for security training to compromise cloud environments of Fortune 500 companies, deploying crypto miners and webshells. Major cloud providers like AWS, GCP, and Azure are affected, with many exposed systems still using default credentials and overly privileged roles. #DVWA #OWASPJuiceShop
Keypoints
- Threat actors are exploiting intentionally vulnerable web applications for cloud environment access.
- Automated scans revealed 1,926 vulnerable applications exposed on preconfigured cloud platforms.
- Attackers have actively deployed crypto miners, webshells, and persistence scripts on compromised systems.
- Many exposed systems used default credentials and overly privileged IAM roles, increasing risk.
- Experts recommend enforcing least-privilege access, removing default credentials, and inventorying cloud resources systematically.