Critical Security Flaw in ThinkDashboard System administrators and hosting providers need to stay vigilant against emerging threats. Recently, a stored Cross-Site Scripting (XSS) vulnerability (CVE-2025-64177) was discovered in ThinkDashboard, a self-hosted bookmark management tool. This flaw could potentially allow attackers to execute malicious scripts through user interactions, such as clicking on crafted links. Understanding the […]

Understanding CVE-2025-64178: Jellysweep Vulnerability The recent discovery of CVE-2025-64178 highlights a significant security vulnerability in Jellysweep, a popular cleanup tool for the Jellyfin media server. This article will delve into the details of the vulnerability, its implications for server security, and practical steps hosting providers can take to mitigate the risk. Incident Overview CVE-2025-64178 pertains […]

Critical Security Flaw in ThinkDashboard System administrators and hosting providers need to stay vigilant against emerging threats. Recently, a stored Cross-Site Scripting (XSS) vulnerability (CVE-2025-64177) was discovered in ThinkDashboard, a self-hosted bookmark management tool. This flaw could potentially allow attackers to execute malicious scripts through user interactions, such as clicking on crafted links. Understanding the […]

Understanding CVE-2025-64178: Jellysweep Vulnerability The recent discovery of CVE-2025-64178 highlights a significant security vulnerability in Jellysweep, a popular cleanup tool for the Jellyfin media server. This article will delve into the details of the vulnerability, its implications for server security, and practical steps hosting providers can take to mitigate the risk. Incident Overview CVE-2025-64178 pertains […]

We’ve been through some busy weeks again, full of excitements and DoS-improvements. We’d like to say thank you again for all the supportive bugfix and development tickets, sent by you all. We can bring the best out of BitNinja together, no doubts about it. 😉 Let’s see the new features and bugfixes which gave birth […]

We just launched BitNinja a little more than a month ago. It has been already demonstrated for 1 year in our own hosting environment, and success is coming from users worldwide, too. Read more and celebrate with us. BitNinja’s public beta ended on 23rd March, 2015. There were exactly 220 active BitNinja servers back then. […]

As always, you are encouraged to tell us what you think about BitNinja. Everything is welcome from bugs to development suggestions. That’s how version 1.4 was born, too. We’d like to extend a special thank you to all of the Ninjas who contributed to this version by contacting us tirelessly. Check out what’s new for […]

BitNinja’s active server counter is here again. We just reached the 294th Ninja-protected server worldwide. Now really, from Canada to Thailand, ninjas are everywhere. You guys are the best! We’d like to say thank you for this with a little gift: If you are the 300th installer in our list, you’ll get the BitNinja protection […]

BitNinja team is going to HostingCon Global in July. This is your opportunity to meet us as your potential business partner, in a fun and educational atmosphere. What is HostingCon? HostingCon is the premier industry conference and trade show for hosting and cloud providers. Join over 2000 of your hosting and cloud industry peers to discover […]

We are happy to announce BitNinja 1.0.0  The version counter turned from 0.31 to our first full release, because BitNinja 1.0.0 is now running stable on more than 100 production servers worldwide! That’s a great success for us and a big loss for the hackers. 😉  So what’s new in 1.0.0?  What is new in addition […]

There were 22.000 attendees, from more than 100 countries, with the biggest names in the tech world, more than 500 speakers, lack of wi-fi, 145.000 tweets in 72 hours, many business cards, a high interest in our server defense system and wonderful Irish hospitality. Here’s the wrap up of Web Summit 2014. Web Summit is […]

Hi there, Imagine where we will be free to meet soon: BitNinja’s going to the WebSummit, in Dublin! A few months ago we applied to the Alpha program of this event, dedicated to startups. After 2 weeks we got an email from the organizer that said: “There are so many applications for the program that we won’t […]

Did you hear about the Shellshock bug on bash Unix shell? There hasn’t been such a scandalous bug since Heartbleed that has caused such a big mess among server owners.A series of attacks on websites and servers using the serious Shellshock bug was spotted a few days ago. Millions of servers use software that is vulnerable […]

Understanding CVE-2025-64179 and Its Impact on Server Security Recently, a critical vulnerability known as CVE-2025-64179 was discovered in lakeFS, an open-source tool that transforms object storage into Git-like repositories. The flaw allowed unauthenticated access to the /api/v1/usage-report/summary endpoint, enabling anyone to retrieve aggregate API usage counts. Though no sensitive information is disclosed, this vulnerability can […]

Introduction to ThinkDashboard Vulnerability The recent discovery of a vulnerability in ThinkDashboard underscores the importance of robust server security. This vulnerability allows attackers to upload arbitrary files via the backup import feature, exposing potential risks for server administrators and hosting providers. Overview of the Vulnerability Identified as CVE-2025-64176, this flaw affects versions 0.6.7 and below […]

Understanding CVE-2025-62047 for Server Security The latest cybersecurity report highlights a critical vulnerability in the WordPress Case Addons plugin. This flaw could allow unauthorized file uploads, significantly increasing risks for server security. System administrators and hosting providers must take immediate action to mitigate these threats. Background of the Vulnerability The CVE-2025-62047 vulnerability is identified as […]