PT-2025-45078

Name of the Vulnerable Software and Affected Versions Smart Switch versions prior to 3.7.68.6 Description The use of an insufficiently random value for the secretKey in Smart Switch allows nearby attackers to gain access to backup data from applications. Recommendations Update to version 3.7.68.6...

CVE-2025-10579 BackWPup <= 5.5.0 - Missing Authorization to Sensitive Information Exposure

The BackWPup – WordPress Backup & Restore Plugin plugin for WordPress is vulnerable to unauthorized access of data due to a missing capability check on the 'backwpupworking' AJAX action in all versions up to, and including, 5.5.0. This makes it possible for authenticated attackers, with...

Update Rollup 3 for System Center 2022 Data Protection Manager

Update Rollup 3 for System Center 2022 Data Protection Manager Applies to: System Center 2022 Data Protection Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center Data Protection Manager 2022. It also contains the installation...

CVE-2025-52763

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

EUVD-2025-35475

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

CVE-2025-52763

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

CVE-2025-52763 WordPress Nifty Backups plugin <= 1.08 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

CVE-2025-52763 WordPress Nifty Backups plugin <= 1.08 - Cross Site Scripting (XSS) vulnerability

Improper Neutralization of Input During Web Page Generation 'Cross-site Scripting' vulnerability in NickDuncan Nifty Backups nifty-backups allows Reflected XSS.This issue affects Nifty Backups: from n/a through = 1.08...

CVE-2025-52763

The CVE-2025-52763 entry concerns the NickDuncan Nifty Backups WordPress plugin (

WordPress plugin Nifty Backups 跨站脚本漏洞

WordPress and WordPress plugin are both products of the WordPress Foundation.WordPress is a set of blogging platforms developed using the PHP language. The platform has the ability to host personal blog sites on PHP and MySQL based servers.WordPress plugin is an application plugin. A cross-site...

PT-2025-43247

Name of the Vulnerable Software and Affected Versions NickDuncan Nifty Backups versions through 1.08 Description The software contains a flaw related to improper input handling during web page generation, specifically a Reflected Cross-Site Scripting issue. This allows for the injection of...

Service Provider Migration to Unified Veeam Data Cloud FAQ

Below are the most commonly asked questions. What is changing with my Veeam Data Cloud for Microsoft 365 experience? Veeam is transitioning Veeam Cloud Service Providers VCSPs and their customers to Veeam Data Cloud, a unified multi-workload interface. This new experience allows you to manage...

Microsoft Windows BitLocker 安全漏洞

Microsoft Windows BitLocker is a Microsoft Corporation USA BitLocker Ensure secure backup of recovery keys before activating protection. A security vulnerability exists in Microsoft Windows BitLocker that originates from an attacker's ability to bypass certain features by exploiting the...

Experts Warn of Widespread SonicWall VPN Compromise Impacting Over 100 Accounts

Cybersecurity company Huntress on Friday warned of "widespread compromise" of SonicWall SSL VPN devices to access multiple customer environments. "Threat actors are authenticating into multiple accounts rapidly across compromised devices," it said. "The speed and scale of these attacks imply that...

EUVD-2025-33673

Cleartext storage of sensitive information in Smart Switch prior to version 3.7.67.2 allows local attackers to access backup data from applications. User interaction is required for triggering this vulnerability...

CVE-2025-21060

CVE-2025-21060 affects Samsung Smart Switch prior to version 3.7.67.2, where cleartext storage of sensitive information in backups allows local attackers to access application backup data after user interaction triggers the vulnerability. The underlying issue is the storage of backup data in clea...

PT-2025-41520

Name of the Vulnerable Software and Affected Versions Smart Switch versions prior to 3.7.67.2 Description A flaw exists in Smart Switch that allows local attackers to access backup data from applications due to the cleartext storage of sensitive information. User interaction is required to trigge...

SonicWall Says All Firewall Backups Were Accessed by Hackers

SonicWall has confirmed that attackers accessed cloud backup configuration files for all customers using its backup service exposing encrypted credentials and network configurations...

Hackers Access SonicWall Cloud Firewall Backups, Spark Urgent Security Checks

SonicWall on Wednesday disclosed that an unauthorized party accessed firewall configuration backup files for all customers who have used the cloud backup service. "The files contain encrypted credentials and configuration data; while encryption remains in place, possession of these files could...

EUVD-2014-2377

Malware in sbrugna...