Code Name (Nyx)
We are pleased to announce the release of r2026-02 CYBER RANGES, code-named Nyx!
This release introduces key improvements across the Main App, Scenario Composer, Admin App, and multiple Backend Services. Alongside significant new features and security enhancements, we’ve made performance upgrades, streamlined technical operations, and resolved a range of bugs to improve stability.
Highlights
Area | Highlights |
Main App (APP) | New Feedback Component: Entirely reworked UI for user feedback. Domain Support: Integrated new platform/domain endpoints. Cart Logic: Smart visibility for the cart icon and subscription-based "Add to Cart" buttons. Validator: New version validator to block unstable dependencies. |
Scenario Composer | Cloud Visuals: Custom background colors for network nodes and enhanced node style selectors. Uploader Page: Dedicated UI for cloud image uploads with OpenStack support. Injection Filtering: New filters for "Injection Type" and improved action visibility on thumbnails. |
Admin App | Bulk Management: Support for CSV team uploads and bulk event visibility updates. Protection: "Protection Enabled" feature to prevent deletion of critical playlists. Feedback Management: New dedicated pages for managing Scenario and Platform feedback. |
Backend | New Feedback Service: A dedicated microservice for managing user responses. Security: Integrated Trivy scanning and Sentry for orchestrator monitoring. Swarm: Implemented new license and maintenance modules with grace-period banners. |
What’s New [APP]
Feedback & Interaction
New Feedback Component: A redesigned feedback system has been implemented to streamline how users provide input on their experience.
Subscription Defaults: The profile section now features default selectors for user subscriptions, simplifying the onboarding process.
Functionality & UI
Cart Intelligence: The cart icon is now context-aware, appearing only when items are present. Additionally, the "Add to Cart" button is restricted to users with available subscriptions.
Upload Controls: Users can now cancel file uploads within free-text questions, providing better control over accidental submissions.
Event Visibility: Expired events now have updated visibility logic to keep the dashboard clean and relevant.
Security & Stability
Dependency Lockdown: A version validator has been added to block
^(caret) dependencies, ensuring build consistency and protecting against "breaking" upstream updates.Login Refinement: The forgot-password feature can now be disabled via system preferences for specific deployment configurations.
Dev Notes - Fixes and Improvements [APP]
Error Handling: Resolved a bug where multiple "unauthorized" errors would stack on the login page; the UI now displays a singular, clean notification.
Observer Accuracy: Feedback submissions for observer assessments are now strictly enforced as absolute numbers.
Performance: Updated multiple vulnerable libraries and optimized the
ui-componentslibrary for faster load times.Refactoring: Initiated a major project to refactor application pages to TypeScript for long-term type safety.
Comprehensive Feedback System [APP]
We have introduced a platform-wide Feedback System that lets users share ratings and Comments. This system is now integrated across multiple views to help scenario designers and administrators capture precise user sentiment.
Scenario Multiplayer
Participants can now provide feedback at multiple levels of a live event:
Event & Scenario: General ratings and comments for the overall experience.
Missions & Rules: Specific feedback regarding the clarity of objectives and the fairness of established rules.
- Page-Specific Feedback: Feedback modules are now accessible directly from the Score, Questions, Servers, and Help pages, allowing users to comment on their experience in real-time.
Scenario Single Player
For individual training, feedback options have been expanded to include:
Core Components: Rating and commenting on specific Missions, Rules, and the parent Scenario.
Question-Level Insights: Users can provide feedback on the entire Scenario, all questions as a group, or individual questions to highlight specific points of confusion or excellence.
Injections & Support
Injections: Participants can now rate the timing and relevance of specific injections.
Help Page: A new feedback loop on the Help page allows users to rate the quality of support documentation and technical assistance.
What’s New [Composer]
Cloud Composer & Infrastructure
Visual Customization: Added the ability to change background colors for network node containers and enhanced the node style selector for better diagram organization.
Advanced Networking: Introduced a toggle option to hide/show injector router connections to other nodes, reducing diagram clutter.
Image Management: A dedicated "Cloud Image Uploader" page has been added, supporting RAW-type uploads and improved error handling for deleted images.
Filtering & Search
Multi-Select Filters: Scenario filters now allow multiple selections for "Type" and "Difficulty."
Flavor Search: Added searching capabilities when importing cloud flavors and a new dropdown for flavor creation.
Default Views: The default filter status is now set to "All except deleted" to improve workspace clarity.
Scenario Logic
Cloning Integrity: Support added for the "original" field when cloning scenarios with IEv3 injections to maintain data lineage.
Safety Measures: Added warning information on linked and child template nodes to prevent unauthorized edits.
New Node Icons
Additional node icons added.
Dev Notes - Fixes and Improvements [Composer]
Diagram Fix: Fixed a logic error in edge coloring to ensure connections correctly reflect the status of source and target nodes.
Resource Cleanup: When deleting CR images, the system now correctly supports the simultaneous deletion of associated OpenStack images.
UI Polish: Increased the size of node action buttons and moved them to the right for better ergonomics.
What’s New [Admin]
Team & User Management
Bulk Team Upload: Admins can now upload entire teams via CSV file, significantly reducing manual data entry.
Team Refactor: The "Update Team" modal has been split to separate captain updates from general team details for better precision.
User Grouping: Improved status indications and renamed action labels for clearer user group management.
Platform Administration
Feedback Management: Dedicated administrative pages have been added for Scenario and Platform feedback, allowing admins to moderate and review user input centrally.
Lobby Operations: Added the ability to bulk-update event visibility across multiple lobbies.
LMS Updates: Replaced legacy competence search endpoints with a more efficient global endpoint.
Competencies Linking
The new Link/Unlink logic allows you to map primary competencies to secondary ones. Once linked, the system will recognize these associations globally across the platform. To automatically unlock related competencies when one is assigned to a question, you must first establish a connection between them using the Admin UI, as illustrated below.
System Parameters: DISABLED_FUNCTIONALITY
To restrict specific actions on the login and landing pages, add the following to your Auth Service configuration:
To Disable Registration: Set
DISABLED_FUNCTIONALITY = registration. This removes the ability for new users to create accounts via the UI.
To Disable Forgot Password: Set
DISABLED_FUNCTIONALITY = forgotPassword. This hides the password recovery option, which is ideal for environments using external identity providers like AD or Radius, where password management is handled externally.
Feedback Management
The new management page allows Administrators to oversee all incoming feedback.
Visibility Control: If
disabledFunctionality.disabledis set in the system parameters, the feedback UI will automatically be hidden from users.Global Monitoring: Admins can now track ratings and comments across the entire platform or drill down into specific scenario-level feedback.
Dev Notes - Fixes and Improvements [Admin]
Interactive Tables: All table rows are now clickable with a default "view/edit" action, improving navigation speed.
Session Stability: Fixed an issue where users were occasionally logged out upon page refresh.
License UI: Reworked the license information display on the dashboard and added the "Release Name" for easier troubleshooting.
Backend Service Updates
cr-messaging (1.8.0)
New Feedback Service: Launched a dedicated service to handle all platform feedback logic.
External Notifications: Added support for external notification triggers.
cr-auth (4.8.0)
User Cleanup: Automated the deletion of
playlistSubscriptionrecords when a user is deleted to ensure data privacy and database health.
cr-core (2.4.0)
Global Competencies: Added proper support for
globalIdand competence/category mapping to align with international frameworks.
cr-orchestrator (3.3.0)
Security Scanning: Integrated Trivy for automated container vulnerability scanning.
Sentry Integration: Added properties for Sentry to improve real-time error tracking and reporting.
cr-uploader (2.0.0)
Performance: Added
qemu-imgto production stages and improved extension computation for downloaded cloud image files.
cr-swarm (0.2.0)
Maintenance Mode: Implemented a new maintenance banner with grace-period support and automated license expiration actions.
Injector Engine
Editor (1.6.0)
Folder Navigation: New breadcrumb-based folder navigation, history tracking, and create-dialogs for complex scenario structures.
UI State: Added a
isModifiedstate to prevent accidental loss of work and improved the layout of the |dropdon UI.
Testing & Stability
CI Integration: Unit tests are now mandatory in the CI pipeline for nearly all IE services (Activity Center, AI Manager, Proxy, etc.).
Version Control: All IE components now include the version validator to block caret dependency issues.