Understanding CVE-2026-30839 Cybersecurity remains a significant concern for system administrators and hosting providers. Recently, a critical server-side request forgery (SSRF) vulnerability was identified in Wallos, an open-source personal subscription tracker. This vulnerability, known as CVE-2026-30839, poses a substantial risk to Linux servers that do not properly validate URLs. Details of the Vulnerability Before version 4.6.2, […]
Understanding the SSRF Vulnerability in Wallos 4.6.2 The recent discovery of a Server-Side Request Forgery (SSRF) vulnerability in Wallos versions prior to 4.6.2 has raised significant concerns for server administrators and hosting providers. This security flaw can allow attackers to initiate unauthorized requests from the server, leading to potential data breaches and operational disruptions. What […]
Understanding CVE-2026-30839 Cybersecurity remains a significant concern for system administrators and hosting providers. Recently, a critical server-side request forgery (SSRF) vulnerability was identified in Wallos, an open-source personal subscription tracker. This vulnerability, known as CVE-2026-30839, poses a substantial risk to Linux servers that do not properly validate URLs. Details of the Vulnerability Before version 4.6.2, […]
Understanding the SSRF Vulnerability in Wallos 4.6.2 The recent discovery of a Server-Side Request Forgery (SSRF) vulnerability in Wallos versions prior to 4.6.2 has raised significant concerns for server administrators and hosting providers. This security flaw can allow attackers to initiate unauthorized requests from the server, leading to potential data breaches and operational disruptions. What […]
An exploited CMS vulnerability or vulnerabilities to web-based attacks is a big security issue as one well-aimed attack can cause a data leak, data loss or make your server unavailable. These attacks need to be stopped before they even reach your server and the WAF 2.0 module can do that for you. This powerful defense […]
Valicom Net is a Cloud Hosting Company in Cyprus with more than 15 years of experience specializing in Business Web Hosting, Cloud Services, Virtual Private Servers, Dedicated Servers, Hosted Exchange, Web Development with Content Management System, Network Security, Antispam Services, Online Storage Email & Remote Backup. Challenges „As we offer managed and unmanaged services, the […]
Aitire is a small MSP (Managed Service Provider) company located in Spain. They have more than 10 years of experience in computer consulting, Free Software, Open Source, GNU / Linux, etc… They aspire every day to maximize their technology and provide the best tools to their clients. Challenges „We usually work with rpm based Linux […]
Our Port Honeypot module proactively catches botnets very quickly, as botnets usually start to scan open ports, which is the first step of the attack cycle. We found an old IoT botnet that became active again. It strangely happened just 2 months after 21-year-old Kenneth Schuchman pleaded guilty to developing and deploying the Satori botnet. […]
On 3 Dec 2019, we released a new agent version (2.6.4) to fix the cert update bug in the SSL Terminating module, but unfortunately, some dependencies caused serious issues (kernel panic, redirection problems) on some CentOS 6 and CentOS 7 servers. It affected only 2% of the BitNinja protected servers because it occurred only in […]
Industry-first feature is available in BitNinja! We are happy to announce that the brand-new ASN white/blacklist option is out now. This development was requested by our users and we are so thankful that our partners are inspiring us to create such special features, which are only available in BitNinja. What does ASN mean? An autonomous […]
RCE attacks are one of the most dangerous types of attacks as hackers could take complete control of the victim’s host, meaning that they can run commands, install malware, etc. In this article, I’d like to introduce 2 new vulnerabilities, which have been patched by BitNinja WAF: vBulletin RCE Rusty Joomla RCE New botnet utilizes […]
It takes 99.9% less memory usage and 99.9% less time to set up… Unbelievable, but it’s possible with the new malware monitoring tool. While BitNinja believes in the power of prevention and our proactive modules are very robust, we also want to provide an all-in-one server security service. We know that malware infections are a […]
Not everyone uses the BitNinja Dashboard for the same reasons when doing their work. We know that. Which is why we have different sub-user roles built into our Dashboard. Why do you need sub-user roles? If you need your accountant to download your subscriptions’ invoices without sharing your BitNinja account's login details, and if you […]
Understanding the Implications of CVE-2026-30841 The cybersecurity landscape is continuously evolving, with vulnerabilities emerging regularly. One such critical vulnerability is CVE-2026-30841, affecting Wallos, an open-source subscription tracker. This flaw could expose Linux server applications to serious threats if not addressed promptly. What is CVE-2026-30841? This vulnerability allows reflected cross-site scripting (XSS) through unescaped token and […]
Understanding CVE-2026-30842: A Serious Security Threat The cybersecurity landscape constantly evolves with new threats emerging daily. One such threat is the CVE-2026-30842 vulnerability found in Wallos, an open-source personal subscription tracker. This vulnerability impacts server security by allowing authenticated users to delete uploaded avatars of other users without proper authorization checks. Summary of the Incident […]
Understanding CVE-2026-30829: A Security Alert for Server Administrators The recent discovery of CVE-2026-30829 has raised significant concerns among system administrators and hosting providers. This vulnerability allows unauthenticated access to unpublished status pages of Checkmate, an open-source server monitoring tool. Understanding the implications of this threat is vital for maintaining effective server security. What Is CVE-2026-30829? […]
Introduction to CVE-2026-29788 CVE-2026-29788 reveals a serious security flaw in TSPortal, the platform used by the WikiTide Foundation's Trust and Safety team. This vulnerability allows attackers to forge self-deletion requests for any user before version 30 of the software. This incident underscores the importance of server security for system administrators, hosting providers, and web application […]
Understanding the CVE-2026-29789 Vulnerability The recent discovery of CVE-2026-29789 has raised significant concerns among system administrators and hosting providers. This vulnerability involves a critical issue in the Vito web application, facilitating unauthorized server modifications. System administrators need to be vigilant against such threats that could compromise server security and integrity. What is CVE-2026-29789? CVE-2026-29789 is […]
Introduction to CVE-2026-29788 CVE-2026-29788 reveals a serious security flaw in TSPortal, the platform used by the WikiTide Foundation's Trust and Safety team. This vulnerability allows attackers to forge self-deletion requests for any user before version 30 of the software. This incident underscores the importance of server security for system administrators, hosting providers, and web application […]
Understanding the CVE-2026-29789 Vulnerability The recent discovery of CVE-2026-29789 has raised significant concerns among system administrators and hosting providers. This vulnerability involves a critical issue in the Vito web application, facilitating unauthorized server modifications. System administrators need to be vigilant against such threats that could compromise server security and integrity. What is CVE-2026-29789? CVE-2026-29789 is […]
