Introduction to CVE-2026-25742 Vulnerability The cybersecurity landscape changes rapidly, and new vulnerabilities can pose risks to your infrastructure. The CVE-2026-25742 vulnerability in Zulip highlights the need for robust server security measures. System administrators and hosting providers must stay vigilant to protect Linux servers from potential threats. Understanding CVE-2026-25742 Prior to version 11.6, Zulip, an open-source […]
Understanding CVE-2026-26058: A Path Traversal Vulnerability in Zulip Zulip is an open-source team collaboration tool. Recently, a critical vulnerability, CVE-2026-26058, was discovered which could impact server security. This vulnerability exists from version 1.4.0 through to just before version 11.6, allowing attackers to exploit servers by leveraging path traversal techniques during the import process. What Happened? […]
Introduction to CVE-2026-25742 Vulnerability The cybersecurity landscape changes rapidly, and new vulnerabilities can pose risks to your infrastructure. The CVE-2026-25742 vulnerability in Zulip highlights the need for robust server security measures. System administrators and hosting providers must stay vigilant to protect Linux servers from potential threats. Understanding CVE-2026-25742 Prior to version 11.6, Zulip, an open-source […]
Understanding CVE-2026-26058: A Path Traversal Vulnerability in Zulip Zulip is an open-source team collaboration tool. Recently, a critical vulnerability, CVE-2026-26058, was discovered which could impact server security. This vulnerability exists from version 1.4.0 through to just before version 11.6, allowing attackers to exploit servers by leveraging path traversal techniques during the import process. What Happened? […]
In a commendable step towards ensuring a safer internet environment, we now offer the option to activate an AI Malware Scanner directly from your Dashboard, providing our users with a more robust defense against malicious threats. With the assistance of cloud-config, users can conveniently enable the new malware scanner on their console. What is even […]
As valued members of our esteemed BitNinja family, you are probably already familiar with all of the top-tier security solutions we offer. However, did you know that our SiteProtection feature comes at no extra cost? Today, let's delve into how this module fortifies your hosting business, enhances your service offerings, and safeguards your clients from […]
We happily announce the groundbreaking partnership with JetBackup, a powerful web hosting backup solution. This partnership aims to provide users with a seamless and user-friendly post-detection script, ensuring data protection against malware attacks. The script acts as a safety net, locking the most recent backup in case the cleaning process unintentionally removes crucial data. What […]
Many small bugfixes and stability improvements, and even more in our new BitNinja versions (V3.6.2 and 3.6.3) Most systems will automatically update, if you have specific settings or applications preventing automatic updates, you can follow our documentation on how to proceed to have the latest version installed. This is what you came for: The newest […]
Maintaining your server's reputation and the integrity of your email communications in the age of relentless botnet attacks and cyber threats is vital. Particularly, the challenge is increasingly complex for those hosting websites on servers such as WordPress, Drupal, Joomla, and others. The solution? Introducing our Outbound Spam Detection Solution, designed to protect your business […]
We at BitNinja are continuously seeking ways to enhance the protection we provide to our users. Today, we are thrilled to announce our new partnership with MagicSpam, a leading name in business email security. This collaboration can combine our comprehensive server security solutions with the sophisticated email protection services of MagicSpam, enabling an all-in-one security […]
AI-assisted malware scanning in closed beta, stability improvements, and bugfixes. All this, and even more in our new BitNinja version (V3.6.0 and 3.6.1) Most systems will automatically update, if you have specific settings or applications preventing automatic updates, you can follow our documentation on how to proceed to have the latest version installed. The spicy […]
Background WebCentral Australia, one of the region's largest domain registrars, oversees a wide array of services, including managed services, web hosting, email hosting, and Internet services. Spearheaded by the Head of Cloud and Platforms, Wahab Khan, the company maintains infrastructure and data centers across Australia and New Zealand, offering services to diverse customers. "From enterprise […]
Artificial Intelligence (AI) has rapidly evolved to become a crucial tool in our everyday lives. Its capabilities are being harnessed to improve various facets of technology, including the field of cybersecurity. A good example of a company employing AI to enhance cybersecurity measures is your favorite server security solution, BitNinja. We use AI innovatively for […]
CVE-2026-28766: A Critical Vulnerability in Gardyn Cloud API The Gardyn Cloud API has exposed a severe vulnerability known as CVE-2026-28766. This critical flaw allows unauthorized access to all user account data without any authentication requirements. Understanding the Incident This vulnerability has been given a CVSS score of 9.3, indicating a critical risk level. It enables […]
Understanding CVE-2026-28767: A Critical Vulnerability In recent cybersecurity news, a major vulnerability has been identified as CVE-2026-28767. This flaw in the Gardyn Cloud API allows unauthorized access to sensitive administrative endpoints. It raises significant concerns for server security, particularly for system administrators and hosting providers. Details of the Vulnerability The CVE-2026-28767 vulnerability relates to a […]
Critical Vulnerability in Gardyn Cloud API: CVE-2026-25197 The recent discovery of a severe vulnerability in the Gardyn Cloud API has raised significant alarms in the cybersecurity community. This vulnerability, known as CVE-2026-25197, allows authenticated users to access other user profiles by modifying the ID number within the API call. This oversight opens the door to […]
New Cookie Injection Vulnerability Affects Tornado Server The recent announcement of the CVE-2026-35536 vulnerability raised eyebrows across the cybersecurity landscape. This cookie injection flaw in Tornado, discovered before version 6.5.5, could have serious implications for server security. Incident Summary This vulnerability allows attackers to inject crafted characters into `domain`, `path`, and `samesite` arguments. The lack […]
Understanding CVE-2026-28815 and Its Implications The recent discovery of CVE-2026-28815 highlights a significant security vulnerability that affects server security, specifically within the Apple Swift-Crypto library. This flaw allows attackers to trigger an out-of-bounds read in the C decapsulation path when a short X-Wing HPKE key is supplied. The result can be a crash or memory […]
New Cookie Injection Vulnerability Affects Tornado Server The recent announcement of the CVE-2026-35536 vulnerability raised eyebrows across the cybersecurity landscape. This cookie injection flaw in Tornado, discovered before version 6.5.5, could have serious implications for server security. Incident Summary This vulnerability allows attackers to inject crafted characters into `domain`, `path`, and `samesite` arguments. The lack […]
Understanding CVE-2026-28815 and Its Implications The recent discovery of CVE-2026-28815 highlights a significant security vulnerability that affects server security, specifically within the Apple Swift-Crypto library. This flaw allows attackers to trigger an out-of-bounds read in the C decapsulation path when a short X-Wing HPKE key is supplied. The result can be a crash or memory […]
