Introduction to CVE-2026-25742 Vulnerability The cybersecurity landscape changes rapidly, and new vulnerabilities can pose risks to your infrastructure. The CVE-2026-25742 vulnerability in Zulip highlights the need for robust server security measures. System administrators and hosting providers must stay vigilant to protect Linux servers from potential threats. Understanding CVE-2026-25742 Prior to version 11.6, Zulip, an open-source […]

Understanding CVE-2026-26058: A Path Traversal Vulnerability in Zulip Zulip is an open-source team collaboration tool. Recently, a critical vulnerability, CVE-2026-26058, was discovered which could impact server security. This vulnerability exists from version 1.4.0 through to just before version 11.6, allowing attackers to exploit servers by leveraging path traversal techniques during the import process. What Happened? […]

Introduction to CVE-2026-25742 Vulnerability The cybersecurity landscape changes rapidly, and new vulnerabilities can pose risks to your infrastructure. The CVE-2026-25742 vulnerability in Zulip highlights the need for robust server security measures. System administrators and hosting providers must stay vigilant to protect Linux servers from potential threats. Understanding CVE-2026-25742 Prior to version 11.6, Zulip, an open-source […]

Understanding CVE-2026-26058: A Path Traversal Vulnerability in Zulip Zulip is an open-source team collaboration tool. Recently, a critical vulnerability, CVE-2026-26058, was discovered which could impact server security. This vulnerability exists from version 1.4.0 through to just before version 11.6, allowing attackers to exploit servers by leveraging path traversal techniques during the import process. What Happened? […]

By now, you are likely aware that on May 25, 2018, a new data privacy law introduced in Europe called the General Data Protection Regulation (GDPR) will go into effect. GDPR govern how businesses collect, use and share personal data and it allows individuals to exercise their legal rights. Of course, we have taken the […]

People can never rest. We thought that after the last serious Drupal vulnerablity finally we can rest, but a new threat came up which is including GPON routers made by Dasan. GPON is a type of Passive Optical Network (PON) used to provide fiber connections. It is being used to provide short haul fiber connections […]

Third critical Drupal vulnerability discovered!!! Those who are running a Drupal website couldn’t have a rest over the past few weeks. This is the third time when Drupal recommends to update these sites. During exploring the previous remote code execution (RCE) vulnerability, the CVE-2018-7600, the team discovered a new RCE vulnerability (CVE-2018-7602). If  you or […]

Our team has attended the CloudFest back in March where during the security panel we have attended a presentation about the importance of security by design an important thing in terms of responsibility and suggested OWASP as a standard to start with. In this blog post we would like to show, why it is important […]

CloudFest 2018 – The Security Panel Attending at Cloudfest (formerly known as WHD.Global) is always the highlight of the year event-wise. Catching up with our partners, having lively debates about new technologies and learning from industry leaders are things we always go for. As our ninjas attended in incognito this time – only as attendees, […]

The beta version of WAF 2.0 is performing much better than we expected. The feedback we’ve been receiving about it is truly fascinating. More and more people are realizing just how powerful this module is. It’s already – effectively protecting – hundreds of servers against SQL injections, XSS attacks, command injections, directory traversal, data leakage and […]

2 days ago, a serious vulnerability, SA-CORE-2018-002 (CVE-2018-7600) has been found in Drupal 6, 7 and 8, which affects over one million websites. All the unpatched Drupals are in serious danger! An attacker can upload backdoors or malware via this newly discovered vulnerability. The vulnerability is scored 21/25 Highly Critical! Details of the vulnerability: This […]

We have collected the best practices of the most successful BitNinja customers. Would you like to completely eliminate hackers on your servers? Follow this guideline to achieve the most with BitNinja and stop all hackers. The initial steps to eliminate hackers When you first install BitNinja on your server, the best you can do is […]

CVE-2026-28766: A Critical Vulnerability in Gardyn Cloud API The Gardyn Cloud API has exposed a severe vulnerability known as CVE-2026-28766. This critical flaw allows unauthorized access to all user account data without any authentication requirements. Understanding the Incident This vulnerability has been given a CVSS score of 9.3, indicating a critical risk level. It enables […]

Understanding CVE-2026-28767: A Critical Vulnerability In recent cybersecurity news, a major vulnerability has been identified as CVE-2026-28767. This flaw in the Gardyn Cloud API allows unauthorized access to sensitive administrative endpoints. It raises significant concerns for server security, particularly for system administrators and hosting providers. Details of the Vulnerability The CVE-2026-28767 vulnerability relates to a […]

Critical Vulnerability in Gardyn Cloud API: CVE-2026-25197 The recent discovery of a severe vulnerability in the Gardyn Cloud API has raised significant alarms in the cybersecurity community. This vulnerability, known as CVE-2026-25197, allows authenticated users to access other user profiles by modifying the ID number within the API call. This oversight opens the door to […]