New Cookie Injection Vulnerability Affects Tornado Server The recent announcement of the CVE-2026-35536 vulnerability raised eyebrows across the cybersecurity landscape. This cookie injection flaw in Tornado, discovered before version 6.5.5, could have serious implications for server security. Incident Summary This vulnerability allows attackers to inject crafted characters into `domain`, `path`, and `samesite` arguments. The lack […]

Understanding CVE-2026-28815 and Its Implications The recent discovery of CVE-2026-28815 highlights a significant security vulnerability that affects server security, specifically within the Apple Swift-Crypto library. This flaw allows attackers to trigger an out-of-bounds read in the C decapsulation path when a short X-Wing HPKE key is supplied. The result can be a crash or memory […]

New Cookie Injection Vulnerability Affects Tornado Server The recent announcement of the CVE-2026-35536 vulnerability raised eyebrows across the cybersecurity landscape. This cookie injection flaw in Tornado, discovered before version 6.5.5, could have serious implications for server security. Incident Summary This vulnerability allows attackers to inject crafted characters into `domain`, `path`, and `samesite` arguments. The lack […]

Understanding CVE-2026-28815 and Its Implications The recent discovery of CVE-2026-28815 highlights a significant security vulnerability that affects server security, specifically within the Apple Swift-Crypto library. This flaw allows attackers to trigger an out-of-bounds read in the C decapsulation path when a short X-Wing HPKE key is supplied. The result can be a crash or memory […]

There are many ways your server can be compromised. In this article, I try to sum up the top 5 signs, which show your server has been compromised through your website. Your website is a very vulnerable part of your server, so many attacks targeting this interface. Not only big enterprises, like Sony or Apple, […]

Do you like going to conferences? We really do! Not just because of the fizzing atmosphere, hot topics and mind-blowing technologies. It’s you guys, who we like to meet in person at an exhibition. BitNinja users are from all over the world now from the US to Singapore. And these events provide such a great […]

A long time ago, in a galaxy far, far away … Ohh wait, it’s just happening. Yeah, one of the most anticipated ninja modules, the ‘gorgeous’ Port Honeypot has been released.  I know what you are thinking now “How can it be gorgeous? But seriously, this is about a security function”.  Let me introduce you […]

The holidays are over already, and hackers didn’t sleep at all during that time. Yeah, a critical Joomla vulnerability is on board again. To tell the truth, this 0-day remote command execution vulnerability is already 3-weeks old, but it can still cause headache for owners using versions from 1.5 to 3.4. It is a quite […]

We are so proud and excited to announce that BitNinja team is one of the eight selected startups in Cyber London’s second accelerator programme. It has been a long-awaited goal of us which is a perfect opportunity to rise BitNinja to the next level. It means lots of passionate work, helpful mentorship and a dynamic environment to […]

2015 was a big year both for our team and for you who use BitNinja on your servers to make the Internet a safer place. We are so proud of our community, full of committed and passionate hacker hunters. A lot has happened this year and now, nearing the end of it, it feels good […]

Mystery is on the horizon, ladies and gentlemen! And we always get excited about unappreciated server attacks. Just like in case of this ‘abdulkarrem’ one. Come, put on the role of Sherlock Holmes with us. Recently, there is a very frequent attack type. More and more sysadmin experience and complain about malicious request like these: […]

BitNinja has two very efficient detection modules. Log analysis and DoS detection does a great job in filtering attacks, but they are lack of one very important thing. Log analysis can only work on requests already reached your server. There are attacks like login brute force attacks, where it is not a problem as there […]

Our Ninja Lab is always full of fantastic ideas and improvements. Sometimes it’s an easy ride to develop a terrific feature, sometimes it takes longer to find the right recipe. Yes, you guessed well, we are talking about the web application firewall module. But thanks to our enthusiastic users’ contribution in development and to our […]

Introduction to CVE-2026-35535 The recent announcement of CVE-2026-35535 highlights a significant privilege escalation vulnerability affecting Sudo, a widely used command-line utility in Linux systems. This flaw allows an unauthorized user to gain elevated privileges, potentially compromising the system’s integrity. As server administrators and hosting providers, understanding this vulnerability is crucial to maintaining robust server security. […]

Introduction The cybersecurity landscape is constantly evolving, and with that comes new threats to server security. Recently, a significant vulnerability was discovered: CVE-2026-35508, affecting versions of Shynet prior to 0.14.0. This vulnerability permits cross-site scripting (XSS) in specific template filters, exposing servers to potential attacks. What is CVE-2026-35508? CVE-2026-35508 refers to an XSS vulnerability found […]

Understanding the CVE-2026-34762 Threat The recent CVE-2026-34762 vulnerability highlights a significant risk for system administrators and hosting providers. This vulnerability allows unauthorized manipulation of subscriber policies within the Ella Core 5G framework. Prior to version 1.8.0, the PUT /api/v1/subscriber/{imsi} API did not verify that the IMSI identifier in the URL path matched the one in […]