As cyber threats evolve, the need for robust server security measures has become critical. Recently, multiple stored cross-site scripting (XSS) vulnerabilities were disclosed in various versions of Liferay, a popular open-source digital experience platform. Overview of the Vulnerability These vulnerabilities, identified as CVE-2025-43822, affect Liferay Portal 7.4.3.15 through 7.4.3.111 and Liferay DXP versions from 2023.Q3.1 […]

The cybersecurity landscape is ever-evolving, and staying updated on vulnerabilities is crucial for server administrators and hosting providers. Recently, a notable vulnerability, identified as CVE-2025-11415, was found in the PHPGurukul Beauty Parlour Management System. This vulnerability poses a serious risk that could be exploited remotely, leading to significant security concerns. Summary of the CVE-2025-11415 Incident […]

As cyber threats evolve, the need for robust server security measures has become critical. Recently, multiple stored cross-site scripting (XSS) vulnerabilities were disclosed in various versions of Liferay, a popular open-source digital experience platform. Overview of the Vulnerability These vulnerabilities, identified as CVE-2025-43822, affect Liferay Portal 7.4.3.15 through 7.4.3.111 and Liferay DXP versions from 2023.Q3.1 […]

The cybersecurity landscape is ever-evolving, and staying updated on vulnerabilities is crucial for server administrators and hosting providers. Recently, a notable vulnerability, identified as CVE-2025-11415, was found in the PHPGurukul Beauty Parlour Management System. This vulnerability poses a serious risk that could be exploited remotely, leading to significant security concerns. Summary of the CVE-2025-11415 Incident […]

Last week the Chief Content Manager of HostAdvice, a company who provides transparent and handy advice for those who are looking for Hosting Providers, interviewed our CEO George Egri about the nitty-gritty details of BitNinja. They have covered topics like: Why this product is better than other solutions George's views about the future of security […]

XML-RPC attacks are “trending” nowadays. If you search for “XML-RPC attack” on Google, you can see approximately 380,000 results. Most of the articles deal with XML-RPC attacks on WordPress-based websites. What is XML-RPC? RPC stands for remote procedure call and XML is the abbreviation of Extensible Markup Language. XML is widely used to represent data […]

In this article we will be dealing with OpenShift and Kubernetes technology. You can find some explanations about the terms used at the end of the article. If you want to take the neccessary steps to upgrade your own application, the first thing to do will be turning your pile of code into a container […]

Do you have a monolithic application (for example a complex server-side enterprise application) with big features like support varieties of different clients, API for 3rd parties and some integrations with other web services and message brokers? Code usage is tolerable, but you want to release a smashing feature in the future, though you do not […]

In the last 2 weeks, we released 2 new versions of BitNinja. Let’s take a look at the novelties: BitNinja version 1.12.10: CaptchaChallenge pages now use 403 status code instead of 200. Good bots will notice it and leave it. This means, that the good bots will recognize our captcha pages, and won’t walk around […]

Before the expansion of Windows Operational Systems and the creation of the Linux, the world was ruled by UNIX systems. The UNIX was used predominantly in the 1980’s. Despite of its positive traits it was mainly used by research centers, institutes and school’s operational system. It can be thanked partly to its price, and also […]

This time of the year is always very cheerful. It’s the holiday season; everyone is happy and excited with all the festivities going on. But it’s important to be careful, especially during the holidays and going into the new year. Hackers prey during this time period, distractions from the season are all around. Hackers need […]

Let’s see a real-life evidence from the BitNinja logs how we detect and block script injection.  The hackers always think they can fool the software, but the malicious scripts and packages are constantly dropped by Ninja Security. Being a machine-learning system, BitNinja collects the attack information and spreads it to other protected servers, so they will […]

Let’s start with the definition. Ransomware is a kind of malware that installs itself onto an unprotected computer, encrypts some files, and asks for a certain amount of money for decryption or to not publish certain sensitive information online. It is called a denial-of-access attack and it can be very frustrating because you know that the […]

The cybersecurity landscape continues to evolve, and recent findings have raised alarms regarding a new vulnerability: CVE-2025-11417. This critical flaw affects the Campcodes Advanced Online Voting Management System, particularly its voters_add.php file, leading to severe security implications. Overview of the Vulnerability CVE-2025-11417 introduces an unrestricted file upload vulnerability. Attackers can exploit this weakness by manipulating […]

As cybersecurity threats evolve, server security remains a critical concern for system administrators and hosting providers. A recent vulnerability, CVE-2025-61999, highlights the importance of safeguarding web application environments. Incident Summary The OPEXUS FOIAXpress application, prior to version 11.13.3.0, allows administrative users to upload SVG files. This feature can be exploited to execute malicious JavaScript when […]

Cybersecurity threats evolve continually, demanding vigilance from system administrators and hosting providers. Recently, a serious vulnerability (CVE-2025-61997) has come to light regarding the OPEXUS FOIAXpress platform. This post will detail the implications of this vulnerability, why it’s critical for server security, and how to mitigate its effects. Understanding CVE-2025-61997 The OPEXUS FOIAXpress, prior to version […]