Hackers exploit security testing apps to breach Fortune 500 firms
From BleepingComputer to All on Wed Jan 21 09:43:44 2026
Threat actors are exploiting misconfigured web applications used for security training and internal penetration testing, such as DVWA, OWASP Juice Shop, Hackazon, and bWAPP, to gain access to cloud environments of Fortune 500 companies and security vendors. [...]