BES A.I CyberSecurity Scoring
BES
Company Information
Website:http://www.bmexchangeservices.com
Employees number:None
Number of followers:0
NAICS:52
Industry Type:Financial Services
Homepage:bmexchangeservices.com
BES Risk Score (AI oriented)
Between 750 and 799
BESFinancial Services
Updated:
08/07/2026
08/07/2026
752/1000
Fair
Baa
BES Global Score (TPRM)
xxxx
BESFinancial Services
Score locked

BESFair
Current Score
752Baa (FAIR)
01000
1 incidents
-19 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
771
Cyber Attack
08 Jul 2026 • BES
PyPI, Neteller, Skrill and Paysafe: Fake Paysafe, Skrill SDKs on NPM and PyPi steal credentials
Malicious npm and PyPI Packages Target Payment Platforms with Stealer Malware
752
CRITICAL-19
BMEPYPPAYPAY1783542293
Malicious npm and PyPI Packages Target Payment Platforms with Stealer Malware
A recent cyberattack campaign leveraged malicious packages on npm and PyPI to distribute stealer malware targeting developers and users of Paysafe, Skrill, and Neteller payment applications. The threat actor published 17 fraudulent packages 13 on npm and 4 on PyPI designed to exfiltrate credentials, access tokens, and other sensitive data to a command-and-control (C2) server hosted on AWS.
The targeted platforms are widely used in e-commerce, online gaming, travel, financial services, cryptocurrency exchanges, and Forex trading. The malicious packages mimicked legitimate Paysafe SDKs, exposing fake APIs that returned false success responses while covertly harvesting data. Among the stolen information were Paysafe API keys, AWS credentials, GitHub and npm tokens, hostnames, usernames, and API usage metadata.
The npm packages (e.g., paysafe-checkout, skrill-payments) required a Paysafe API key to trigger data exfiltration, while the PyPI packages (e.g., paysafe-sdk, paysafe-api) executed the theft routine automatically upon initialization. The malware also included basic anti-analysis checks, halting execution if it detected virtualized environments or systems with fewer than two CPU cores.
Security researchers at Socket identified the campaign but noted that the threat actor’s identity remains unknown. The attack’s cross-ecosystem targeting (npm and PyPI) suggests a technically capable adversary, raising concerns about future, more sophisticated operations. Organizations using the affected packages were advised to rotate all exposed secrets and audit dependency trees for signs of compromise.
INCIDENT DETAILS -
TYPE
MOTIVATION
IMPACT
DATA BREACH
REFERENCES
JUNE 2026
771
MAY 2026
771
APRIL 2026
771
MARCH 2026
771
FEBRUARY 2026
771
JANUARY 2026
771
DECEMBER 2025
771
NOVEMBER 2025
771
OCTOBER 2025
771
SEPTEMBER 2025
771
AUGUST 2025
771
Frequently Asked Questions
?
What is the current A.I Rankiteo Cyber Score for BES ??
What was BES's A.I Rankiteo Cyber Score in June 2026 ??
What was BES's A.I Rankiteo Cyber Score in May 2026 ??
What was BES's A.I Rankiteo Cyber Score in April 2026 ??
What was BES's A.I Rankiteo Cyber Score in March 2026 ??
What was BES's A.I Rankiteo Cyber Score in February 2026 ??
What was BES's A.I Rankiteo Cyber Score in January 2026 ??
What was BES's A.I Rankiteo Cyber Score in December 2025 ??
What was BES's A.I Rankiteo Cyber Score in November 2025 ??
What was BES's A.I Rankiteo Cyber Score in October 2025 ??
What was BES's A.I Rankiteo Cyber Score in September 2025 ??
What was BES's A.I Rankiteo Cyber Score in August 2025 ??
What is the average per-incident point impact on BES's A.I Rankiteo Cyber Score over the past 12 months ??
Where can I access detailed records of all cyber incidents associated with BES ??
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ??
Where can I view BES's profile page on Rankiteo ??
How accurate is the A.I Rankiteo Risk Scoring methodology ?