Vulnerability Alert: CVE-2025-12038 and Its Impact on Server Security The recent discovery of CVE-2025-12038 in the Folderly plugin for WordPress has raised significant concerns within the cybersecurity community. This vulnerability allows authenticated users with Author-level access to delete critical data through an API endpoint. As system administrators and hosting providers, understanding this threat is crucial […]

Understanding CVE-2025-12090 and Its Implications for Server Security The cybersecurity landscape is constantly evolving, with vulnerabilities emerging every day. Among the recent threats, CVE-2025-12090 stands out due to its potential impact on server security. This specific vulnerability affects the popular Employee Spotlight – Team Member Showcase & Meet the Team Plugin for WordPress, versions up […]

Vulnerability Alert: CVE-2025-12038 and Its Impact on Server Security The recent discovery of CVE-2025-12038 in the Folderly plugin for WordPress has raised significant concerns within the cybersecurity community. This vulnerability allows authenticated users with Author-level access to delete critical data through an API endpoint. As system administrators and hosting providers, understanding this threat is crucial […]

Understanding CVE-2025-12090 and Its Implications for Server Security The cybersecurity landscape is constantly evolving, with vulnerabilities emerging every day. Among the recent threats, CVE-2025-12090 stands out due to its potential impact on server security. This specific vulnerability affects the popular Employee Spotlight – Team Member Showcase & Meet the Team Plugin for WordPress, versions up […]

BitNinja received the Business Intelligence Group’s BIG Award for Business and was named 2020 Small Business of the Year. The BIG’s annual programme rewards companies, products, and people that are leading their respective industries.  “It’s a great honor to be named as a winner of the BIG Award. This trophy shows us that hard work, […]

Have you ever wondered what BitNinja can do if an account on your server has been stolen or someone gets access via a hacked SSH?  Perhaps some customers store their passwords on a sticky note, or, for example, an account has been purchased to gain access to the server to infect it with malware uploads. […]

After last year’s €500,000 seed investment, BitNinja has raised $2.5 million in Series A funding, led by Lead Ventures. Our history BitNinja was founded in 2014 and became very profitable by the following year. In December, 2015 we were one of the eight selected start-ups in Cyber London’s second accelerator programme. In November, 2019 we […]

On 2 September 2020 arstechnica reported a zero-day vulnerability in a WordPress plugin. File Manager helps users manage their files on the website. It was downloaded 700,000 times and more than half of the customers are affected. The vulnerability allowed hackers to execute commands and upload files on a website. How did the BitNinja team patch the vulnerability? We discovered the exploit with our Defense Robot. […]

The increasing number of data breaches raises new concerns for all companies. According to Statista, there were 1,473 million data breaches causing 164 million exposed records in the US in 2019. Many companies are being sued for data breaches and since the implementation of the General Data Protection Regulation (GDPR), these cybersecurity lawsuits run into […]

Botnets are a major threat for web hosting providers and basically for every server. They are the fundamentals of cybercrime in the dark industry of hackers. A botnet is a group of infected computers (aka bots or zombie machines) controlled by a hacker, the botmaster. Zombie machines can be personal computers, mobile devices, or even […]

28 Febr, 2020 16:44 PM UPDATE: We know that it was a hard decision for the organizers, and we feel really sorry that we can't meet with the wonderful cloud community in the Europa Park this year. However, it was the right decision because security always comes first. We, however, have a plan B. 😉 […]

Why should you visit tech conferences? As our world is changing quickly, new types of technologies are constantly being made. To keep up with the rapid pace of the technology changes and to learn more about the most advanced solutions, we highly recommend everyone to visit at least 1 tech conference every year. Fortunately, there […]

On 19 February 2020, Wordfence reported a highly critical vulnerability found in the popular Duplicator plugin for WordPress. This plugin is useful when users want to migrate and copy WordPress sites. With Duplicator, sysadmins can create a new copy of the site and the generated file can be downloaded from the WP dashboard. WordPress Duplicator Plugin Zero-day […]

Introduction to Recent Vulnerability Threats The Qi Blocks plugin for WordPress has been flagged with a critical security vulnerability. This issue affects all versions up to and including 1.4.3. It exposes your server to various threats, including unauthorized access and potential data breaches, which can severely impact your server security and overall system integrity. Summary […]

Understanding the Importance of Server Security The cybersecurity landscape is evolving rapidly, and server administrators must stay vigilant. Recent vulnerabilities have cast a spotlight on the dangers posed by SQL injection attacks, particularly targeting popular platforms like the wpForo Forum plugin. This vulnerability emphasizes the critical need for robust server security measures to protect sensitive […]

New Vulnerabilities Threaten Server Security As cybersecurity threats evolve, staying informed is essential for system administrators and hosting providers. Recent developments highlight vulnerabilities that can severely impact server security. These threats not only compromise data integrity but also expose sensitive information. Incident Overview The recent CVE-2025-11983 vulnerability affects the WP Discourse plugin for WordPress. Any […]