Insights, tutorials and best practices from the world of Cloud, DevOps and Open Source
All Posts
Coolify v4.0.0 Is Here: A Sovereign Deployment Platform Beyond Heroku and Vercel
In late April 2026, after almost two years in beta, Coolify officially released version 4.0.0 (release notes on GitHub). The timing is anything but coincidental:...
OPNsense 26.1.8: Two Critical RCE Bugs (CVE-2026-44194 & 45158) — Four Significant CVEs in Seven Days
On 12 May 2026 the OPNsense team shipped version 26.1.8 with patches for two critical remote code execution flaws. CVE-2026-44194 (CVSS 9.1, GitHub advisory GHSA-f59w-m967-9rf6)...
cPanel CVE-2026-41940: 44,000 Servers Compromised — What Companies on Shared Hosting Need to Do Now
A cPanel vulnerability that has been actively exploited since 23 February 2026 is officially disclosed on 28 April 2026. By 5 May, more than 44,000...
Cisco ASA, ArcaneDoor & CVE-2025-20362: WireGuard and NetBird as a Modern VPN Stack
A Cisco ASA vulnerability from September 2025 is still being actively exploited in May 2026. Seven months after the patch, CrowdSec counts 292 source IPs...
Vaultwarden 1.36.0 & NIS2: Self-Hosted Password Management for SMBs
On 3 May 2026 the Vaultwarden maintainer team released version 1.36.0 — closing six security advisories, one of which is a server-side request forgery that...
Bleeding Llama (CVE-2026-7482): Why Self-Hosted AI Isn't Automatically Secure AI
Three unauthenticated API calls. No login, no exploit framework, no privilege escalation. Three POST requests to a default port, and the machine's memory is on...
Let's Talk About Your Idea
Whether a specific IT challenge or just an idea - we look forward to the exchange. In a brief conversation, we'll evaluate together if and how your project fits with WZ-IT.
Leading companies trust WZ-IT
Timo Wevelsiep & Robin Zins
Managing Directors of WZ-IT