New Exclusive content available on Dedicated Labs

New exclusive content has been released on Dedicated Labs featuring active directory attacks, vulnerability chains, and container breakouts.

Trustful is an easy Linux machine featuring a vLLM RCE (CVE-2026-22807) and a telnetd auth bypass (CVE-2026-24061). Attackers exploit a public MinIO bucket in a CI/CD pipeline by uploading a malicious model config with a poisoned auto_map entry. This grants RCE within a Docker container. A vulnerable Telnet server on the host then allows a container breakout to gain root access.

This Sherlock provides players with an opportunity to utilize Elastic SIEM to detect and hunt for two critical Active Directory attacks: DCSync and Kerberoasting. The Sherlock takes players through the full cyber kill chain.

BlueTide Marine requires a two-stage vulnerability chain. The first stage abuses Traefik path-matcher behavior (CVE-2025-66490) to reach a protected Signal K websocket path. The second stage abuses command injection in @signalk/set-system-time (GHSA-p8gp-2w28-mhwg / CVE-2026-23515) to execute commands and retrieve the flag.