New Cookie Injection Vulnerability Affects Tornado Server The recent announcement of the CVE-2026-35536 vulnerability raised eyebrows across the cybersecurity landscape. This cookie injection flaw in Tornado, discovered before version 6.5.5, could have serious implications for server security. Incident Summary This vulnerability allows attackers to inject crafted characters into `domain`, `path`, and `samesite` arguments. The lack […]
Understanding CVE-2026-28815 and Its Implications The recent discovery of CVE-2026-28815 highlights a significant security vulnerability that affects server security, specifically within the Apple Swift-Crypto library. This flaw allows attackers to trigger an out-of-bounds read in the C decapsulation path when a short X-Wing HPKE key is supplied. The result can be a crash or memory […]
New Cookie Injection Vulnerability Affects Tornado Server The recent announcement of the CVE-2026-35536 vulnerability raised eyebrows across the cybersecurity landscape. This cookie injection flaw in Tornado, discovered before version 6.5.5, could have serious implications for server security. Incident Summary This vulnerability allows attackers to inject crafted characters into `domain`, `path`, and `samesite` arguments. The lack […]
Understanding CVE-2026-28815 and Its Implications The recent discovery of CVE-2026-28815 highlights a significant security vulnerability that affects server security, specifically within the Apple Swift-Crypto library. This flaw allows attackers to trigger an out-of-bounds read in the C decapsulation path when a short X-Wing HPKE key is supplied. The result can be a crash or memory […]
ReadySpace was founded in 2003 and is based in Singapore. They provide cloud-based solutions to their 150,000 customers, mainly from the Asia Pacific region. They are now expanding to the Philippines and Indonesia, and since 2013 started to open towards American businesses. Challenges They were experiencing the harmful effects of heavy DoS attacks mainly, which […]
BitNinja was founded in 2014 and became very profitable by the following year. We could quickly grow by using our own resources, however, we are truly committed to our mission. We want to make the internet a safer place, so we decided to speed up our growth with investors. We are pleased to announce that […]
Ganesh Hosting is one of our oldest customers, who are with us from the very beginning. A few years ago, we asked them about their experience and created this case study. It was available only for our reseller partners but now we would like to share it with the publicity. The company Ganesh Hosting is […]
[et_pb_section fb_built="1" _builder_version="3.0.47"][et_pb_row _builder_version="3.0.48" background_size="initial" background_position="top_left" background_repeat="repeat"][et_pb_column type="4_4" _builder_version="3.0.47"][et_pb_text _builder_version="3.21.1" background_size="initial" background_position="top_left" background_repeat="repeat"]Complicated WAF setup? Not anymore! The new BitNinja Transparent Proxy offers a new way for a much easier WAF setup and more convenient WAF management. You don’t have to hassle with enabling the X-Forwarded-For header from now on. Background At the beginning of […]
In the previous quarter, we announced a new beta module, the Trusted Proxy, which became some of our users’ favorite module: “The new Trusted Proxy feature simply blows the competition out of the water especially when you consider the price point at which are offering BitNinja. We couldn’t be happier with how things are proceeding. […]
Hacked websites? Outdated WordPress versions? Complaining customers? These painful problems cause daily headaches for many web hosting companies out there. We've heard a lot of bad stories from our partners about these memories. We are happy to say that we can welcome a new member to our Ninja Community who can forget about the above-mentioned […]
Technology is always evolving, and there are continuous new developments that change the spectrum of what is possible and what companies can do with technology. Because of this, cyberattacks, and therefore cybersecurity, are constantly adapting and reviewing their methods to stay on top of things. This is difficult for cybersecurity teams because technology moves so […]
All businesses need to be doing as much as possible to ensure that they are defended against cyber-attacks. But cyber-crime has become so sophisticated that in many cases your company could be compromised without you even realizing it. Here we take a look at some of the ways that malware could be working within your […]
We were proud to be sponsoring Webpros Summit 2019 in Atlanta, Georgia. Built on the previous success of the annual cPanel Conference, this year WebPros brands (cPanel, Plesk, SolusVM and Xovi) brought Webpros Summit to life, a highly technical conference with the best professionals and the best networking events in the industry. To bring the web hosting […]
Introduction to CVE-2026-35535 The recent announcement of CVE-2026-35535 highlights a significant privilege escalation vulnerability affecting Sudo, a widely used command-line utility in Linux systems. This flaw allows an unauthorized user to gain elevated privileges, potentially compromising the system’s integrity. As server administrators and hosting providers, understanding this vulnerability is crucial to maintaining robust server security. […]
Introduction The cybersecurity landscape is constantly evolving, and with that comes new threats to server security. Recently, a significant vulnerability was discovered: CVE-2026-35508, affecting versions of Shynet prior to 0.14.0. This vulnerability permits cross-site scripting (XSS) in specific template filters, exposing servers to potential attacks. What is CVE-2026-35508? CVE-2026-35508 refers to an XSS vulnerability found […]
Understanding the CVE-2026-34762 Threat The recent CVE-2026-34762 vulnerability highlights a significant risk for system administrators and hosting providers. This vulnerability allows unauthorized manipulation of subscriber policies within the Ella Core 5G framework. Prior to version 1.8.0, the PUT /api/v1/subscriber/{imsi} API did not verify that the IMSI identifier in the URL path matched the one in […]
Understanding CVE-2023-7343: A Major Threat to Server Security As system administrators and hosting providers, staying ahead of vulnerabilities is crucial for maintaining server security. The recently disclosed CVE-2023-7343 highlights a significant risk that could affect the integrity of your Linux servers. This vulnerability allows attackers to escalate privileges and misuse the affected software, jeopardizing sensitive […]
Understanding CVE-2024-14034 and Its Impact The cybersecurity landscape continues to evolve, introducing new vulnerabilities that threaten server security. Recently, a critical authentication bypass vulnerability known as CVE-2024-14034 was discovered in Hirschmann HiEOS devices. What is CVE-2024-14034? This vulnerability exists in the HTTP(S) management module of Hirschmann HiEOS devices. It allows unauthenticated remote attackers to gain […]
Understanding CVE-2023-7343: A Major Threat to Server Security As system administrators and hosting providers, staying ahead of vulnerabilities is crucial for maintaining server security. The recently disclosed CVE-2023-7343 highlights a significant risk that could affect the integrity of your Linux servers. This vulnerability allows attackers to escalate privileges and misuse the affected software, jeopardizing sensitive […]
Understanding CVE-2024-14034 and Its Impact The cybersecurity landscape continues to evolve, introducing new vulnerabilities that threaten server security. Recently, a critical authentication bypass vulnerability known as CVE-2024-14034 was discovered in Hirschmann HiEOS devices. What is CVE-2024-14034? This vulnerability exists in the HTTP(S) management module of Hirschmann HiEOS devices. It allows unauthenticated remote attackers to gain […]
