Understanding the Open edX Vulnerability The Open edX platform recently revealed a security flaw that allows attackers to exploit an unvalidated redirect_url parameter in survey views. This vulnerability emphasizes the need for robust server security measures, especially for hosting providers and web application developers. What Happened? When a non-existent survey name is requested, Open edX […]

CVE-2026-22675: Security Vulnerability Overview The recent discovery of CVE-2026-22675 highlights a critical security vulnerability in OCS Inventory NG Server. This stored cross-site scripting (XSS) vulnerability affects versions 2.12.3 and earlier. It enables unauthenticated attackers to execute arbitrary JavaScript in users' browsers, posing severe risks to server security. Understanding the Threat This vulnerability arises when attackers […]

Understanding the Open edX Vulnerability The Open edX platform recently revealed a security flaw that allows attackers to exploit an unvalidated redirect_url parameter in survey views. This vulnerability emphasizes the need for robust server security measures, especially for hosting providers and web application developers. What Happened? When a non-existent survey name is requested, Open edX […]

CVE-2026-22675: Security Vulnerability Overview The recent discovery of CVE-2026-22675 highlights a critical security vulnerability in OCS Inventory NG Server. This stored cross-site scripting (XSS) vulnerability affects versions 2.12.3 and earlier. It enables unauthenticated attackers to execute arbitrary JavaScript in users' browsers, posing severe risks to server security. Understanding the Threat This vulnerability arises when attackers […]

We were proud to be sponsoring Webpros Summit 2019 in Atlanta, Georgia. Built on the previous success of the annual cPanel Conference, this year WebPros brands (cPanel, Plesk, SolusVM and Xovi) brought Webpros Summit to life, a highly technical conference with the best professionals and the best networking events in the industry. To bring the web hosting […]

Building a winning website is hard, and comprises of many components. Plus, every client wants great page speed, uptime, UX, design, and marketing to make the business profitable. However, many VPS owners forget to focus on security - from SEO aspect. Until they get hacked and the rankings drop... How website security directly affects SEO […]

Did you find something new on your Dashboard? Almost 5 years ago, we announced BitNinja 1.0.0 and sooo many things happened since then. I could write a whole book if I would like to summarize the results of this period. Instead, let’s meet with the BitNinja 2.0.0! What 2.0.0 brings to you? This is the […]

The number of cyber-attacks against businesses grows every year, with 2019 likely to see record numbers already. While it is not good news that businesses continue to suffer from attacks, the number of reported incidents in the news does at least provide savvy organizations with learning opportunities to avoid making the same mistakes. Here are […]

In our Ninja HQ, we have a library with more than 400 books. We love learning new things and we truly believe in the life-long learning approach. In this quickly changing world, keeping yourself up-to-date is essential. There are tons of books on cybersecurity, but in this article, we’d like to give you a personal […]

Which sentence do you think is true? I have a strong password, so nobody could hack my account. My servers’ security is so important, which is why I have to do the most to avoid hackers gaining access to my BitNinja account. If you are one of those, who agree with the second sentence, then […]

Here, at BitNinja we always keep a close look on the defended incidents in order to discover attack trends and new attack types. Currently, BitNinja protects over 5000 servers worldwide and we are effectively defending more than 50 millions incidents every week. Undoubtedly, we still see many “oldtimer” attack types between these incidents such as […]

Where are our tech ninjas? The first quarter of 2019 was quite stirring. We have also published several articles about our work. So, let’s start just by thinking about these developments: FTP CAPTCHA New SenseLog rules Newly discovered file uploader botnet Patched Drupal vulnerability Defense Robot Anti-Phishing Also, what happened in Q2? Malware Scanner Slack […]

There is a huge demand for buying botnets on the Dark Web, so it’s not a surprise that new kinds of botnets appear from time to time in order to meet the needs of the cybergangs. Of course, there are some old but constantly attacking botnets, like the most popular Mirai botnet or the Hello […]

Understanding CVE-2026-35475: An Open Redirect Vulnerability The recent CVE-2026-35475 vulnerability discovered in WeGIA poses significant threats to server security. This issue arises from an open redirect—allowing attackers to redirect users to malicious sites. As web application vulnerabilities continue to evolve, system administrators and hosting providers must remain vigilant. Incident Summary WeGIA, a web management system […]

Introduction to WeGIA Vulnerability The WeGIA Open Redirect vulnerability poses significant risks to hosting providers and system administrators. Identified in versions prior to 3.6.9, this flaw allows attackers to exploit the web application, redirecting users to malicious sites. Understanding this vulnerability is crucial for enhancing server security and user safety. Summary of the Incident WeGIA, […]

Understanding CVE-2026-5631 and Its Implications The digital landscape is ever-evolving, and so are the threats to server security. A recent vulnerability, CVE-2026-5631, has emerged in the assafelovic gpt-researcher application. It highlights the need for vigilance among system administrators and hosting providers. What Is CVE-2026-5631? CVE-2026-5631 raises concerns due to its potential for code injection via […]