As cyber threats evolve, the need for robust server security measures has become critical. Recently, multiple stored cross-site scripting (XSS) vulnerabilities were disclosed in various versions of Liferay, a popular open-source digital experience platform. Overview of the Vulnerability These vulnerabilities, identified as CVE-2025-43822, affect Liferay Portal 7.4.3.15 through 7.4.3.111 and Liferay DXP versions from 2023.Q3.1 […]

The cybersecurity landscape is ever-evolving, and staying updated on vulnerabilities is crucial for server administrators and hosting providers. Recently, a notable vulnerability, identified as CVE-2025-11415, was found in the PHPGurukul Beauty Parlour Management System. This vulnerability poses a serious risk that could be exploited remotely, leading to significant security concerns. Summary of the CVE-2025-11415 Incident […]

As cyber threats evolve, the need for robust server security measures has become critical. Recently, multiple stored cross-site scripting (XSS) vulnerabilities were disclosed in various versions of Liferay, a popular open-source digital experience platform. Overview of the Vulnerability These vulnerabilities, identified as CVE-2025-43822, affect Liferay Portal 7.4.3.15 through 7.4.3.111 and Liferay DXP versions from 2023.Q3.1 […]

The cybersecurity landscape is ever-evolving, and staying updated on vulnerabilities is crucial for server administrators and hosting providers. Recently, a notable vulnerability, identified as CVE-2025-11415, was found in the PHPGurukul Beauty Parlour Management System. This vulnerability poses a serious risk that could be exploited remotely, leading to significant security concerns. Summary of the CVE-2025-11415 Incident […]

Two weeks ago we officially announced our new channeling partner, FastComet and today we would like to introduce them to you in details. They are based in the USA, a Hosting Company with huge popularity from all around the world. FastComet has partner companies like, Spam Experts, Grasshopper or CPanel, but the list could go […]

Last week we released our newest front-end development, which grants you a more transparent view of your installed servers on our already easy-to-use dashboard. After logging into your account, you will instantly realize the improvements. On the servers homepage, the installed servers are shown on ninja-colored cards. Let’s see in details their contents: On the […]

In the last decade, elaborating a good Continuous Integration and Continuous Deployment strategy became one of the basic requirements in most of the IT companies. The average life expectancy of a Fortune 500 company has dramatically fallen down (from 75 years to 15 years) compared to the statistics a century before. ”Unicorns” are growing rapidly, […]

On 12th May 2017, the biggest cyber attack of recent times has happened and the threat is still present. Started from Europe and within a couple of hours has grown into a worldwide virus. The crisis has been caused by the WannaCry ransomware and its variants. The virus locks the infected computer and informs the users with […]

In this article, we are writing about how to secure automated decryption, based on Nathaniel McCallum’s presentation at DevConf 2017. One thing is certain, the security of our data is one of the most important things in this digital day and age. We always had a plan to protect our data, but as time changes, that […]

In this article, we would like to summarize our recently released developments, which impact the daily life of our clients. First of all, ... TheHTTPS Captcha: If you enable this feature in your agent, BitNinja will be able to present a Captcha on HTTPS. This will make the IP removal from our greylist possible just […]

Hacking has become a huge part of our lives, partly because of popular culture and partly because it can give us some serious headaches when they mess with our beloved computers.  Usually, people see them as either harmful cyber-criminals or as freedom-fighters. But in this article, we are talking about a third group of hackers, […]

A part of our Ninjastic Team participated in WHD Global in Rust, Germany for the second time. We gained a lot of experience, made new friends, learned about the trends of our industry and broadened our customer base. If you want to see the exhibition through the Ninjas' eyes, read on. The WHD staff really […]

This week we released a new version of BitNinja, which contains many significant performance improvements. But what are the changes exactly? We limited the SS usage of our Outbound WAF module. It will only use SS if a malicious request is caught. Its result will be a significant drop in BitNinja's CPU usage. Our SenseLog […]

The cybersecurity landscape continues to evolve, and recent findings have raised alarms regarding a new vulnerability: CVE-2025-11417. This critical flaw affects the Campcodes Advanced Online Voting Management System, particularly its voters_add.php file, leading to severe security implications. Overview of the Vulnerability CVE-2025-11417 introduces an unrestricted file upload vulnerability. Attackers can exploit this weakness by manipulating […]

As cybersecurity threats evolve, server security remains a critical concern for system administrators and hosting providers. A recent vulnerability, CVE-2025-61999, highlights the importance of safeguarding web application environments. Incident Summary The OPEXUS FOIAXpress application, prior to version 11.13.3.0, allows administrative users to upload SVG files. This feature can be exploited to execute malicious JavaScript when […]

Cybersecurity threats evolve continually, demanding vigilance from system administrators and hosting providers. Recently, a serious vulnerability (CVE-2025-61997) has come to light regarding the OPEXUS FOIAXpress platform. This post will detail the implications of this vulnerability, why it’s critical for server security, and how to mitigate its effects. Understanding CVE-2025-61997 The OPEXUS FOIAXpress, prior to version […]