Release Information for Veeam ONE 13.0.1 RTM Patch 0

Update Applicability This "Patch 0" update for Veeam ONE 13.0.1 is strictly intended for deployments using the RTM release build 13.0.1.5860. If Veeam ONE 13.0.1 GA build 13.0.1.5924 is installed, this update can be ignored as it is not needed. All resolved issues listed in this article were foun...

Intel CIP Code Issue Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP has a code issue vulnerability that stems from an unrestricted upload of dangerous types of files, which can be exploited by attackers to cause data tampering...

Intel CIP Information Disclosure Vulnerability (CNVD-2025-28673)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an information disclosure vulnerability that stems from mismanagement of privileges, which can be exploited by an attacker to cause information...

Intel CIP elevation of privilege vulnerability (CNVD-2025-28675)

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an elevation of privilege vulnerability that stems from an uncontrolled search path, which can be exploited by an attacker to cause elevation of...

Intel CIP Improper Access Control Vulnerability

Intel CIP is an optional program from Intel designed to improve products by collecting performance data from users' computers. Intel CIP suffers from an Improper Access Control vulnerability that can be exploited by an attacker to cause information disclosure...

Increase in Lumma Stealer Activity Coincides with Use of Adaptive Browser Fingerprinting Tactics

In this blog entry, Trend™ Research analyses the layered command-and-control approaches that Lumma Stealer uses to maintain its ongoing operations while enhancing collection of victim-environment data...

Introducing Nylon Face Mask Attacks: A Dataset for Evaluating Generalised Face Presentation Attack Detection

Face recognition systems are increasingly deployed across a wide range of applications, including smartphone authentication, access control, and border security. However, these systems remain vulnerable to presentation attacks PAs, which can significantly compromise their reliability. In this wor...

CVE-2025-32786

The GLPI Inventory Plugin handles network discovery, inventory, software deployment, and data collection for GLPI agents. Versions 1.5.0 and below are vulnerable to SQL Injection. This issue is fixed in version 1.5.1...

Release History for Veeam Service Provider Console 9

Veeam Service Provider Console 9 Builds 9.2.1.33875 2026-05-27 Resolved Issues Security CVE-2026-32998 | Severity: Critical 9.4 A vulnerability in Veeam Service Provider Console allows for remote code execution. Third-party libraries and packages used in Veeam Service Provider Console and its...

Malicious Package

Overview analytics-data-collection-fe is a malicious package. This package contains malicious code, and its content was removed from the official package manager. While this package might be attempting to impersonate a valid organization, there is no connection between that organization and this...

Malicious code in analytics-data-collection-fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c5655e480e57af4b115f0660b3e96f7412f5d95816cd49858611d28761ea501 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

EUVD-2025-33891

Malicious code in analytics-data-collection-fe npm...

MAL-2025-48316 Malicious code in analytics-data-collection-fe (npm)

--- -= Per source details. Do not edit below this line.=- Source: ghsa-malware 9c5655e480e57af4b115f0660b3e96f7412f5d95816cd49858611d28761ea501 Any computer that has this package installed or running should be considered fully compromised. All secrets and keys stored on that computer should be...

CVE-2017-20201

CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 32-bit builds contained a malicious pre-entry-point loader that diverts execution from scrtcommonmainseh into a custom loader. That loader decodes an embedded blob into shellcode, allocates executable heap memory, resolves Windows API functions at...

Ivanti Data Collection

Binary data ivanticollect.nbin...

CVE-2017-20201 CCleaner v5.33.6162 & CCleaner Cloud v1.07.3191 Malicious Backdoor Supply Chain Compromise

CCleaner v5.33.6162 and CCleaner Cloud v1.07.3191 32-bit builds contained a malicious pre-entry-point loader that diverts execution from scrtcommonmainseh into a custom loader. That loader decodes an embedded blob into shellcode, allocates executable heap memory, resolves Windows API functions at...

CCleaner和CCleaner Cloud 安全漏洞

CCleaner and CCleaner Cloud are both products of CCleaner, a UK-based company.CCleaner is a system cleaner and optimizer.CCleaner Cloud is a cloud-based system cleaner and optimizer. A security vulnerability exists in CCleaner version v5.33.6162 and CCleaner Cloud version v1.07.3191, which...

EUVD-2018-3914

Malware in sbrugna...

EUVD-2019-13376

Malware in sbrugna...

EUVD-2021-22657

Malware in sbrugna...