New Cookie Injection Vulnerability Affects Tornado Server The recent announcement of the CVE-2026-35536 vulnerability raised eyebrows across the cybersecurity landscape. This cookie injection flaw in Tornado, discovered before version 6.5.5, could have serious implications for server security. Incident Summary This vulnerability allows attackers to inject crafted characters into `domain`, `path`, and `samesite` arguments. The lack […]

Understanding CVE-2026-28815 and Its Implications The recent discovery of CVE-2026-28815 highlights a significant security vulnerability that affects server security, specifically within the Apple Swift-Crypto library. This flaw allows attackers to trigger an out-of-bounds read in the C decapsulation path when a short X-Wing HPKE key is supplied. The result can be a crash or memory […]

New Cookie Injection Vulnerability Affects Tornado Server The recent announcement of the CVE-2026-35536 vulnerability raised eyebrows across the cybersecurity landscape. This cookie injection flaw in Tornado, discovered before version 6.5.5, could have serious implications for server security. Incident Summary This vulnerability allows attackers to inject crafted characters into `domain`, `path`, and `samesite` arguments. The lack […]

Understanding CVE-2026-28815 and Its Implications The recent discovery of CVE-2026-28815 highlights a significant security vulnerability that affects server security, specifically within the Apple Swift-Crypto library. This flaw allows attackers to trigger an out-of-bounds read in the C decapsulation path when a short X-Wing HPKE key is supplied. The result can be a crash or memory […]

In computer science, the term of availability is used to describe the period of time when a service is available. High availability is a quality of a system that assures high-level performance for a given period of time. The main goal of high availability is to eliminate the Single Point of Failures (SPoF) in your infrastructure. To […]

IP address spoofing is a technique used by hackers to disguise their IP address as another IP and gain access to sensitive information or access private services on authorized networks. In some special cases, they can create IP packets that contain a false source IP address and this way hide their original address or impersonate […]

The internet is undoubtedly one of the mankind's greatest achievements which now has more than one billion websites on it. However, something being great doesn’t imply that is also safe and that is the case with our beloved creation. Here, we are going to show you 10 types of sites (or a site in particular) […]

In the previous part of the article, we had looked at some incidents to better understand how attackers try to find SQL injection vulnerabilities. Instead of looking for other incidents, I’ve decided to write a short introduction about testing your own application using publicly available automatic tools. Constantly searching for vulnerabilities on your web applications and services […]

In December 2015 and 2016, there were two blackouts in Ukraine that caused hundreds of thousands of Ukrainians to endure the notorious eastern cold winter for a few hours. At first, this wasn’t an alarming event, as blackouts can happen anywhere and anytime. However, the scale of it made people suspicious about it. The Hacking […]

We always keep our eyes on the logs, data, and charts. We always see abnormalities and unusual behaviours, we have found botnets before, but our recent catch is one of the biggest. These cases are really hard to handle due to the huge number of affected IPs. On the evening of 14th June, we have […]

Nowadays, the Internet plays a huge part in our lives. It gets bigger and bigger every day, now it has more than one billion websites. Most of these sites are built with CMS which stands for Content Management System. It is a tool that provides an easy-to-use method for users without any programming skills in […]

[et_pb_section admin_label="section"] [et_pb_row admin_label="row"] [et_pb_column type="4_4"][et_pb_text admin_label="Text"] Honeypots are a form of proactive threat detections. Proactive threat detection is the next step in improving an organization’s security posture. It has many significant advantages e.g. it provides information about the different kinds of threats attacking the organization and the possible vulnerabilities. It works like a trap A […]

Two weeks ago we officially announced our new channeling partner, FastComet and today we would like to introduce them to you in details. They are based in the USA, a Hosting Company with huge popularity from all around the world. FastComet has partner companies like, Spam Experts, Grasshopper or CPanel, but the list could go […]

Introduction to CVE-2026-35535 The recent announcement of CVE-2026-35535 highlights a significant privilege escalation vulnerability affecting Sudo, a widely used command-line utility in Linux systems. This flaw allows an unauthorized user to gain elevated privileges, potentially compromising the system’s integrity. As server administrators and hosting providers, understanding this vulnerability is crucial to maintaining robust server security. […]

Introduction The cybersecurity landscape is constantly evolving, and with that comes new threats to server security. Recently, a significant vulnerability was discovered: CVE-2026-35508, affecting versions of Shynet prior to 0.14.0. This vulnerability permits cross-site scripting (XSS) in specific template filters, exposing servers to potential attacks. What is CVE-2026-35508? CVE-2026-35508 refers to an XSS vulnerability found […]

Understanding the CVE-2026-34762 Threat The recent CVE-2026-34762 vulnerability highlights a significant risk for system administrators and hosting providers. This vulnerability allows unauthorized manipulation of subscriber policies within the Ella Core 5G framework. Prior to version 1.8.0, the PUT /api/v1/subscriber/{imsi} API did not verify that the IMSI identifier in the URL path matched the one in […]