BME A.I CyberSecurity Scoring
28/03/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for Bilfinger Middle East in 2026.
No incidents recorded for Bilfinger Middle East in 2026.
No incidents recorded for Bilfinger Middle East in 2026.
Xylem is the global leader in advanced technologies, solutions and services that address the world’s biggest water challenges. We enable our customers to dramatically improve the way water and wastewater is used, managed, conserved, re-used and returned to nature. At every level, our global team is committed to access, equity, inclusion, and diversity. Our goal is for all our colleagues to be involved, respected, valued, connected, and free to bring their authentic selves and ideas. If you are excited and passionate about solving water, we want to hear from you. #LetsSolveWater
Pioneering positive impact! Our pioneering 140-year-old start-up culture is built on the idea that partnership is the key to solving complex problems and unlocking the full potential of resources. So we collaborate closely with our partners, customers, and thought leaders to create game-changing solutions that challenge conventional thinking on quality, efficiency, and innovation. United by a shared commitment to creating positive impact we’re reshaping vital industries, like energy, food, water, and shipping, to optimize efficiency, reduce emissions, and increase yields. Together, we’re building business success, elevating the quality of life across society, and driving progress towards a more sustainable world. Alfa Laval is a leading global provider of first-rate products in the areas of heat transfer, separation and fluid handling. With these as its base, Alfa Laval aims to help enhance the productivity and competitiveness of its customers in various industries throughout the world. We define their challenges and deliver sustainable products and solutions that meet their requirements. Alfa Laval today has customers in some 100 countries, employs more than 21,300 people, and annual sales were SEK 63.6 billion (5.5 BEUR) in 2023. The company is listed on Nasdaq Stockholm. Alfa Laval contributes to 15 of the 17 UN Sustainable Development Goals. Our solutions make a difference in daily life. You can learn more on our website about how our products work, and how they are used in industries worldwide. We welcome your engagement, comments and questions - our guidelines and moderation policy for Alfa Laval channels on social media can be found here: https://www.alfalaval.com/legal/community-guidelines/ Personal data will be handled in accordance with the Alfa Laval Privacy Policy. https://www.alfalaval.com/privacy
Ingersoll Rand Inc. (NYSE:IR), driven by an entrepreneurial spirit and ownership mindset, is dedicated to Making Life Better for our employees, customers, shareholders, and planet. Customers lean on us for exceptional performance and durability in mission-critical flow creation and industrial solutions. Supported by over 80+ respected brands, our products and services excel in the most complex and harsh conditions. Our employees develop customers for life through their daily commitment to expertise, productivity, and efficiency. For more information, visit www.IRCO.com.
Following 100 years of successful design and manufacturing experience in plastic and metals, Rencol Components has built a truly global supply chain - rapidly expanding our range of high-quality, competitively-priced industrial components. Rencol has developed a mature and efficient Supply Chain with English-speaking personnel specialising in design, engineering, quality and logistics. Our permanent quality and engineering personnel work closely with all manufacturing facilities. We leverage the latest advances in communications and information technology to integrate our Component Sourcing, Management, and Sales & Product Development teams in Shanghai (China), New York (USA), and Bristol (UK), respectively. Specialties: Custom manufacturing, plastic injection moulding, die casting, forging, machining, metal stamping, tooling and sub assemblies. Far East product sourcing, China manufacturing facilities. Global supply chain network.
Flowserve is one of the world's largest manufacturers of pumps, valves and seals with over 16,000 employees across 50 countries. Built on more than 50 world-renowned heritage brands, the equity and customer loyalty we have earned over the past 230 years is the foundation of our leadership position across the globe. Flowserve's innovations have benefited a range of industries, including oil and gas, power, chemical, water, pharmaceuticals and food processing. Addressing these industries' challenges has made Flowserve a leader in development and application of advanced solutions for our customers. Experience, leadership and creativity are the tools we use to turn an idea into a solution. Continuing to foster this kind of innovation is key to Flowserve's long-term success. Be a part of a team known for its industry-leading talent, unparalleled portfolio and unmatched commitment to customer success. We invite you to put your talents and experience in motion with Flowserve. Together, we enable the world.
The Schindler Group is a leading manufacturer and provider of related services for elevators, escalators, and moving walkways. Founded in 1874 in Switzerland, our company is at the forefront of industry innovation, working on pushing the boundaries of technological engineering, while having a strong focus on safety, comfort, efficiency and reliability. Moving more than two billion people each day, our products can be found in many well-known buildings throughout the globe, including office and residential buildings, airports, shopping centers/retail establishments and specialty buildings. We’re a leading employer in the industry, with over 69’000 engaged employees enabling mobility within the urban world. We have a network of over 1000 branch offices in over 100 countries, as well as production sites and research and development facilities in the US, Brazil, Europe, China and India. At Schindler, our mission is to keep the world moving. We Elevate… Our World
Incorporated in 1966, Thermax Group is a 1 billion US$ company headquartered in Pune, India. Over the years, it has grown into a leading conglomerate in the energy and environment space and a trusted partner in energy transition. Strategically spreading its operations to 90+ countries while catering to a gamut of industries, the company offers integrated solutions in heating, cooling, power generation, water treatment and recycling, air pollution control, and chemicals with a focus on ensuring clean air, clean energy, and clean water. The solutions, products and services developed by Thermax help industries achieve better resource productivity and improve bottom line while maintaining a cleaner environment. Today, Thermax has a sales and service network spread over Asia, Southeast Asia, the Middle East, Africa, Europe and the Americas. It operates globally through 34 international and 22 domestic offices, and has 14 manufacturing facilities – 10 of which are in India and four overseas. The group consists of 17 domestic subsidiaries and 20 international subsidiaries.
Danfoss engineers solutions that increase machine productivity, reduce emissions, lower energy consumption, and enable electrification. Our solutions are used in such areas as refrigeration, air conditioning, heating, power conversion, motor control, industrial machinery, automotive, marine, and off- and on-highway equipment. We also provide solutions for renewable energy, such as solar and wind power, as well as district-energy infrastructure for cities. Our innovative engineering dates back to 1933. Danfoss is family-owned, employing more than 39,000 people, serving customers in more than 100 countries through a global footprint of 100 factories. Follow us on Instagram, Twitter and Facebook: www.instagram.com/danfoss_group www.twitter.com/Danfoss www.facebook.com/Danfoss
Trane Technologies is a global climate innovator advancing sustainability through our leading brands Trane® and Thermo King®, which bring efficient and sustainable climate solutions to buildings, homes and transportation across the globe. Together, we are one team innovating for a better future. At Trane Technologies, we are driven by a common purpose: to boldly challenge what’s possible for a sustainable world. While our products and services work to transform climate control, our company’s goal is to combat climate change. Sustainability is embedded in everything we do. Every team member has an impact on our bold 2030 Sustainability Commitments and is empowered to act and bring solutions to life. Our employee experience sets us apart as a special place to work. We are committed to fostering a culture of inclusivity, innovation and growth. When you join Trane Technologies, you become part of a team that shares a common purpose and values, working together to create a sustainable future. Our core values—Uplift Others, Make an Impact and Thrive at Work and Home—guide us in supporting our community, driving meaningful change and ensuring work-life balance. Explore our career opportunities and join us as we boldly go.
Latest updates, reports, and threat intel affecting the global network.
The industrial services provider Bilfinger is promising its investors a higher dividend following increases in both revenue and earnings.
German industrial services provider Bilfinger is considering growing through mergers and acquisitions and is looking at the Middle East and...
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.