Introduction The recent discovery of CVE-2026-1107 has introduced a critical vulnerability in EyouCMS, a popular content management system (CMS). This flaw exposes systems to severe security risks, requiring immediate attention from system administrators and hosting providers. Overview of CVE-2026-1107 The weakness lies within the check_userinfo function of the Diyajax.php file in EyouCMS versions up to […]

Understanding the New EasyCMS Vulnerability Recently, a significant vulnerability was discovered in EasyCMS—a widely used content management system. This vulnerability enables remote SQL injection via the UserAction.class.php file, making it critical for system administrators and hosting providers to take immediate action. Incident Summary The vulnerability, identified as CVE-2026-1105, affects EasyCMS versions up to 1.6. By […]

Introduction The recent discovery of CVE-2026-1107 has introduced a critical vulnerability in EyouCMS, a popular content management system (CMS). This flaw exposes systems to severe security risks, requiring immediate attention from system administrators and hosting providers. Overview of CVE-2026-1107 The weakness lies within the check_userinfo function of the Diyajax.php file in EyouCMS versions up to […]

Understanding the New EasyCMS Vulnerability Recently, a significant vulnerability was discovered in EasyCMS—a widely used content management system. This vulnerability enables remote SQL injection via the UserAction.class.php file, making it critical for system administrators and hosting providers to take immediate action. Incident Summary The vulnerability, identified as CVE-2026-1105, affects EasyCMS versions up to 1.6. By […]

There were 22.000 attendees, from more than 100 countries, with the biggest names in the tech world, more than 500 speakers, lack of wi-fi, 145.000 tweets in 72 hours, many business cards, a high interest in our server defense system and wonderful Irish hospitality. Here’s the wrap up of Web Summit 2014. Web Summit is […]

Hi there, Imagine where we will be free to meet soon: BitNinja’s going to the WebSummit, in Dublin! A few months ago we applied to the Alpha program of this event, dedicated to startups. After 2 weeks we got an email from the organizer that said: “There are so many applications for the program that we won’t […]

Did you hear about the Shellshock bug on bash Unix shell? There hasn’t been such a scandalous bug since Heartbleed that has caused such a big mess among server owners.A series of attacks on websites and servers using the serious Shellshock bug was spotted a few days ago. Millions of servers use software that is vulnerable […]

CVE-2026-1064: What Server Administrators Must Know The recent discovery of CVE-2026-1064 has alarmed cybersecurity professionals. This vulnerability impacts the Bastillion System Management System, specifically versions up to 4.0.1. Failure to act could have significant repercussions on server security. Understanding the Vulnerability CVE-2026-1064 pertains to a command injection flaw within the Bastillion management module. Specifically, it […]

Introduction to CVE-2026-1066 A recent critical vulnerability has been identified in kalcaddle kodbox up to version 1.61.10. This vulnerability impacts the Compression Handler functionality, allowing command injection attacks. As a server administrator or hosting provider, it's essential to understand the implications of this vulnerability and take proactive measures to secure your infrastructure. Understanding the Vulnerability […]

Understanding the CVE-2026-1063 Command Injection Vulnerability The recent vulnerability CVE-2026-1063 has posed a serious risk to users of the Bastillion Public Key Management System. The flaw exists in the code of AuthKeysKtrl.java files and can lead to command injection. This vulnerability allows attackers to execute arbitrary commands on affected systems, raising significant cybersecurity concerns for […]