Preeminent research and development organization. Inventor of the transistor, the laser, C programming language, UNIX.
Midea Group aspires to the vision of “Bringing Great Innovations to Life”, upholding the Founders’ philosophy of creating a better life through technology. Midea Group has evolved into a global leading technology company specializing in six major businesses including Smart Home Business, Industrial Technologies, Building Technologies, Robotics &Automation, Midea Healthcare and Annto Logistics. Over the past ten years, we have invested nearly 100 billion yuan in R&D and developed a global network spanning 38 R&D centers and 44 major production sites across the world. At present, Midea Group’s products and services serve more than 500 million customers in over 200 countries and regions, our brand portfolio contains Little Swan, Toshiba, WAHIN, COLMO, Clivet, Eureka, KUKA, GMCC, Welling, LINVOL, and Wandong. With nearly 200,000 employees globally and more than 40,000 based internationally, Midea Group ranks 277th on the Global Fortune 500 in 2024, marking the 9th consecutive year on the list. The company holds A/A2/A credit ratings from S&P, Moody's, and Fitch respectively. Midea Group places a strong focus on technology leadership, driving innovation across global markets. Midea adheres to the new strategic axis of "Technology Leadership, User Direct Access, Digital Intelligence Driven, and Global Breakthroughs," we advance our leadership in Smart Home and Smart Manufacturing while fostering talent. By providing growth opportunities in a dynamic, global environment, we empower our teams to shape the future of innovation.
Security & Compliance Standards Overview
No incidents recorded for AT&T Bell Laboratories Alumni in 2026.
No incidents recorded for Midea Group in 2026.
AT&T Bell Laboratories Alumni cyber incidents detection timeline including parent company and subsidiaries
Midea Group cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
Typemill is a flat-file, Markdown-based CMS designed for informational documentation websites. A reflected Cross-Site Scripting (XSS) exists in the login error view template `login.twig` of versions 2.19.1 and below. The `username` value can be echoed back without proper contextual encoding when authentication fails. An attacker can execute script in the login page context. This issue has been fixed in version 2.19.2.
A DOM-based Cross-Site Scripting (XSS) vulnerability exists in the DomainCheckerApp class within domain/script.js of Sourcecodester Domain Availability Checker v1.0. The vulnerability occurs because the application improperly handles user-supplied data in the createResultElement method by using the unsafe innerHTML property to render domain search results.
A Remote Code Execution (RCE) vulnerability exists in Sourcecodester Modern Image Gallery App v1.0 within the gallery/upload.php component. The application fails to properly validate uploaded file contents. Additionally, the application preserves the user-supplied file extension during the save process. This allows an unauthenticated attacker to upload arbitrary PHP code by spoofing the MIME type as an image, leading to full system compromise.
A UNIX symbolic link following issue in the jailer component in Firecracker version v1.13.1 and earlier and 1.14.0 on Linux may allow a local host user with write access to the pre-created jailer directories to overwrite arbitrary host files via a symlink attack during the initialization copy at jailer startup, if the jailer is executed with root privileges. To mitigate this issue, users should upgrade to version v1.13.2 or 1.14.1 or above.
An information disclosure vulnerability exists in the /srvs/membersrv/getCashiers endpoint of the Aptsys gemscms backend platform thru 2025-05-28. This unauthenticated endpoint returns a list of cashier accounts, including names, email addresses, usernames, and passwords hashed using MD5. As MD5 is a broken cryptographic function, the hashes can be easily reversed using public tools, exposing user credentials in plaintext. This allows remote attackers to perform unauthorized logins and potentially gain access to sensitive POS operations or backend functions.
