As cyber threats evolve, the need for robust server security measures has become critical. Recently, multiple stored cross-site scripting (XSS) vulnerabilities were disclosed in various versions of Liferay, a popular open-source digital experience platform. Overview of the Vulnerability These vulnerabilities, identified as CVE-2025-43822, affect Liferay Portal 7.4.3.15 through 7.4.3.111 and Liferay DXP versions from 2023.Q3.1 […]

The cybersecurity landscape is ever-evolving, and staying updated on vulnerabilities is crucial for server administrators and hosting providers. Recently, a notable vulnerability, identified as CVE-2025-11415, was found in the PHPGurukul Beauty Parlour Management System. This vulnerability poses a serious risk that could be exploited remotely, leading to significant security concerns. Summary of the CVE-2025-11415 Incident […]

As cyber threats evolve, the need for robust server security measures has become critical. Recently, multiple stored cross-site scripting (XSS) vulnerabilities were disclosed in various versions of Liferay, a popular open-source digital experience platform. Overview of the Vulnerability These vulnerabilities, identified as CVE-2025-43822, affect Liferay Portal 7.4.3.15 through 7.4.3.111 and Liferay DXP versions from 2023.Q3.1 […]

The cybersecurity landscape is ever-evolving, and staying updated on vulnerabilities is crucial for server administrators and hosting providers. Recently, a notable vulnerability, identified as CVE-2025-11415, was found in the PHPGurukul Beauty Parlour Management System. This vulnerability poses a serious risk that could be exploited remotely, leading to significant security concerns. Summary of the CVE-2025-11415 Incident […]

As Truman Fisher, the famous American composer, said: “The pause is as important as the note.” So we paused at the end of the year and took a little break. But we didn’t stop thinking about how to make the Internet a safer place next year. We came back from the Christmas holiday fully charged, […]

This article discusses some essential requirements for a Linux system administrator from a cybersecurity standpoint, along with seven must-have tools that can be installed on your Linux server.

A critical vulnerability was found in Contact Form 7. The WordPress utility is activated on more than 5 million websites, and 70% of these are running the unprotected 5.3.1 version or older. The vulnerability allows attackers to bypass Contact Form 7’s filename sanitization and upload a file that can be executed as a script file on the host server.

BitNinja has become a finalist this week in the international Cloud Computing Awards program, The Cloud Awards. Since 2011, The Cloud Awards has sought to promote and celebrate excellence and innovation in cloud computing. Entries are throughout the globe and across multiple industry sectors. Categories for the 2020-21 Cloud Awards include “Cloud Project of the […]

The Business Intelligence Group announced that they had awarded BitNinja Technologies the 2020 Stratus Award for Cloud Computing in the security category.  “BitNinja is at the forefront of the cloud helping to drive practical innovations in the cloud,” said Maria Jimenez, Chief Nominations Officer of Business Intelligence Group. “The cloud is now part of the […]

Researchers have found a vulnerability in cPanel and WHM. With a zero-day attack that is a brute force, hackers can easily bypass the 2-Factor Authentication (2FA). The SEC-575 vulnerability allowed attackers to try limitless 2FA codes until finding the right one and gain access to the account. Usually, brute force attacks take more hours or […]

Renowned hacker Kevin Mitnick hacked into San Diego’s Supercomputer Center to access the device of Tsutomu Shimomura. Interestingly, Shimomura was a computer researcher who was on a mission to track down and capture Mitnick! So, when did this happen? And why was his guard down? Because it was Christmas and Black Friday! The above example […]

BitNinja received the Business Intelligence Group’s BIG Award for Business and was named 2020 Small Business of the Year. The BIG’s annual programme rewards companies, products, and people that are leading their respective industries.  “It’s a great honor to be named as a winner of the BIG Award. This trophy shows us that hard work, […]

Have you ever wondered what BitNinja can do if an account on your server has been stolen or someone gets access via a hacked SSH?  Perhaps some customers store their passwords on a sticky note, or, for example, an account has been purchased to gain access to the server to infect it with malware uploads. […]

The cybersecurity landscape continues to evolve, and recent findings have raised alarms regarding a new vulnerability: CVE-2025-11417. This critical flaw affects the Campcodes Advanced Online Voting Management System, particularly its voters_add.php file, leading to severe security implications. Overview of the Vulnerability CVE-2025-11417 introduces an unrestricted file upload vulnerability. Attackers can exploit this weakness by manipulating […]

As cybersecurity threats evolve, server security remains a critical concern for system administrators and hosting providers. A recent vulnerability, CVE-2025-61999, highlights the importance of safeguarding web application environments. Incident Summary The OPEXUS FOIAXpress application, prior to version 11.13.3.0, allows administrative users to upload SVG files. This feature can be exploited to execute malicious JavaScript when […]

Cybersecurity threats evolve continually, demanding vigilance from system administrators and hosting providers. Recently, a serious vulnerability (CVE-2025-61997) has come to light regarding the OPEXUS FOIAXpress platform. This post will detail the implications of this vulnerability, why it’s critical for server security, and how to mitigate its effects. Understanding CVE-2025-61997 The OPEXUS FOIAXpress, prior to version […]