Introduction System administrators and hosting providers must prioritize server security to protect against emerging vulnerabilities. Recently, a critical vulnerability designated as CVE-2026-55198 was identified in Hermes WebUI versions prior to 0.51.443. This flaw enables unauthorized session data access and presents a significant risk to affected servers. The CVE-2026-55198 Vulnerability The vulnerability arises from an authorization […]

Understanding the CVE-2026-55197 Vulnerability The CVE-2026-55197 vulnerability affects the Hermes WebUI version earlier than 0.51.443. This flaw lies in the /api/session endpoint and poses serious risks for server administrators and hosting providers. Victims may face unauthorized access to sensitive data from other users' sessions. Why This Matters for Server Administrators This vulnerability is critical because […]

Introduction System administrators and hosting providers must prioritize server security to protect against emerging vulnerabilities. Recently, a critical vulnerability designated as CVE-2026-55198 was identified in Hermes WebUI versions prior to 0.51.443. This flaw enables unauthorized session data access and presents a significant risk to affected servers. The CVE-2026-55198 Vulnerability The vulnerability arises from an authorization […]

Understanding the CVE-2026-55197 Vulnerability The CVE-2026-55197 vulnerability affects the Hermes WebUI version earlier than 0.51.443. This flaw lies in the /api/session endpoint and poses serious risks for server administrators and hosting providers. Victims may face unauthorized access to sensitive data from other users' sessions. Why This Matters for Server Administrators This vulnerability is critical because […]

We’ve been through some busy weeks again, full of excitements and DoS-improvements. We’d like to say thank you again for all the supportive bugfix and development tickets, sent by you all. We can bring the best out of BitNinja together, no doubts about it. 😉 Let’s see the new features and bugfixes which gave birth […]

We just launched BitNinja a little more than a month ago. It has been already demonstrated for 1 year in our own hosting environment, and success is coming from users worldwide, too. Read more and celebrate with us. BitNinja’s public beta ended on 23rd March, 2015. There were exactly 220 active BitNinja servers back then. […]

As always, you are encouraged to tell us what you think about BitNinja. Everything is welcome from bugs to development suggestions. That’s how version 1.4 was born, too. We’d like to extend a special thank you to all of the Ninjas who contributed to this version by contacting us tirelessly. Check out what’s new for […]

BitNinja’s active server counter is here again. We just reached the 294th Ninja-protected server worldwide. Now really, from Canada to Thailand, ninjas are everywhere. You guys are the best! We’d like to say thank you for this with a little gift: If you are the 300th installer in our list, you’ll get the BitNinja protection […]

BitNinja team is going to HostingCon Global in July. This is your opportunity to meet us as your potential business partner, in a fun and educational atmosphere. What is HostingCon? HostingCon is the premier industry conference and trade show for hosting and cloud providers. Join over 2000 of your hosting and cloud industry peers to discover […]

We are happy to announce BitNinja 1.0.0  The version counter turned from 0.31 to our first full release, because BitNinja 1.0.0 is now running stable on more than 100 production servers worldwide! That’s a great success for us and a big loss for the hackers. 😉  So what’s new in 1.0.0?  What is new in addition […]

There were 22.000 attendees, from more than 100 countries, with the biggest names in the tech world, more than 500 speakers, lack of wi-fi, 145.000 tweets in 72 hours, many business cards, a high interest in our server defense system and wonderful Irish hospitality. Here’s the wrap up of Web Summit 2014. Web Summit is […]

Hi there, Imagine where we will be free to meet soon: BitNinja’s going to the WebSummit, in Dublin! A few months ago we applied to the Alpha program of this event, dedicated to startups. After 2 weeks we got an email from the organizer that said: “There are so many applications for the program that we won’t […]

Did you hear about the Shellshock bug on bash Unix shell? There hasn’t been such a scandalous bug since Heartbleed that has caused such a big mess among server owners.A series of attacks on websites and servers using the serious Shellshock bug was spotted a few days ago. Millions of servers use software that is vulnerable […]

Introduction Cybersecurity threats constantly evolve, calling for increased vigilance from system administrators and hosting providers. Recently, a critical vulnerability (CVE-2026-55196) was identified in the Hermes WebUI prior to version 0.51.409. This vulnerability enables unauthenticated attackers to register arbitrary passkeys, putting your server security at risk. Summary of the Vulnerability The identified flaw in Hermes WebUI […]

CVE-2026-53871: A New Threat to Server Security The recent emergence of CVE-2026-53871 highlights the ongoing challenges faced by system administrators and hosting providers. This vulnerability affects Hermes WebUI versions prior to 0.51.368, creating an authorization bypass risk that could jeopardize server security. Understanding CVE-2026-53871 This vulnerability stems from the get_profile_cookie() function in Hermes WebUI. It […]

Introduction to CVE-2026-53870 The security landscape is ever-evolving, and the recent discovery of a vulnerability known as CVE-2026-53870 highlights ongoing risks for those responsible for server security. This vulnerability exists in Hermes Agent versions below 0.16.0, where sensitive files are created with insecure permissions, leading to potential data exposure. Summary of the Vulnerability Hermes Agent […]