Cleafy
Company Details
Linkedin ID:
cleafy
Website:
Employees number:
82
Number of followers:
3,381
NAICS:
541514
Industry Type:
Homepage:
cleafy.com
IP Addresses:
0
Company ID:
CLE_6164758
Scan Status:
In-progress
Cleafy Company CyberSecurity Posture
cleafy.com
We are a team of fraud hunters, cybersecurity experts, data scientists, and software engineers that since 2014 share the same dream: make technology a safer place. Every day, we work side by side with our customers to help them safely navigate digital opportunities, while growing their business. And we do it with passion, determination, and constant curiosity about the unexpected. Our purpose is to make people’s life easier and free from the threats hidden in the digital ecosystem. That’s why we designed a real-time technology that enables fraud management teams in financial institutions to detect and prevent financial fraud across all digital channels, while ensuring a safe and seamless experience for the end-users. Recognized as a market leader by industry analysts, today we protect over 60M+ users of top-tier retail and corporate banks against financial online fraud.
Cleafy A.I CyberSecurity Scoring
Cleafy Risk Score (AI oriented)Between 650 and 699
Cleafy
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Cleafy Global Score (TPRM)XXXX
Cleafy
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Cleafy Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Cleafy
Ransomware
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: Cleafy, a cybersecurity firm, encountered a new Android malware known as 'BingoMod' which targets victims' bank accounts for fraudulent transfers and then wipes the devices to obstruct forensic analysis. This malware utilizes On Device Fraud (ODF) techniques to bypass authentication and identification processes established by banks. The attack mainly affected devices using English, Romanian, and Italian languages. Consequences include compromised financial information and significant personal data leaks of customers using the affected banking services. The nature of the attack also implies a potential ruinous impact on the banks' reputations and operational integrity.
Cleafy Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Cleafy
Incidents vs Computer and Network Security Industry Average (This Year)
No incidents recorded for Cleafy in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Cleafy in 2025.
Incident Types Cleafy vs Computer and Network Security Industry Avg (This Year)
No incidents recorded for Cleafy in 2025.
Incident History — Cleafy (X = Date, Y = Severity)
Cleafy cyber incidents detection timeline including parent company and subsidiaries
Cleafy Company Subsidiaries
We are a team of fraud hunters, cybersecurity experts, data scientists, and software engineers that since 2014 share the same dream: make technology a safer place. Every day, we work side by side with our customers to help them safely navigate digital opportunities, while growing their business. And we do it with passion, determination, and constant curiosity about the unexpected. Our purpose is to make people’s life easier and free from the threats hidden in the digital ecosystem. That’s why we designed a real-time technology that enables fraud management teams in financial institutions to detect and prevent financial fraud across all digital channels, while ensuring a safe and seamless experience for the end-users. Recognized as a market leader by industry analysts, today we protect over 60M+ users of top-tier retail and corporate banks against financial online fraud.
Loading...
Cleafy Similar Companies
Palo Alto Networks, the global cybersecurity leader, is shaping the cloud-centric future with technology that is transforming the way people and organizations operate. Our mission is to be the cybersecurity partner of choice, protecting our digital way of life. We help address the world's greatest s
CrowdStrike
CrowdStrike (Nasdaq: CRWD), a global cybersecurity leader, has redefined modern security with the world’s most advanced cloud-native platform for protecting critical areas of enterprise risk — endpoints and cloud workloads, identity and data. Powered by the CrowdStrike Security Cloud and world-clas
NETWORK-SECURITY-SOLUTIONS
## Our core business We manage linux / unix server infrastructures and build the efficient and secure networking environments using hardware cutting edge technologies suited to the needs of the project and the client. We believe in quality, opposed to quantity. Our company consists of highly
.png)
Cleafy CyberSecurity News
December 05, 2025 08:00 AM
Android Hackers Target 400 Bank, Trading and Crypto Apps in Global Push To Drain Accounts: Cybersecurity Researchers
Hackers are now targeting more than 400 financial applications worldwide, deploying a new strain of Android malware in a push to drain...
December 04, 2025 12:35 PM
Newly Sold Albiriox Android Malware Targets Banks and Crypto Holders
A dangerous new mobile threat called Albiriox has emerged, giving criminals a tool to completely take over victims' Android phones and steal...
October 30, 2025 04:28 PM
16. Cleafy
Company: Cleafy. Co-founders: Matteo Bogana (CEO), Nicolò Pastore (Chief Technology Officer), and Carmine Giangregorio (Product Manager).
October 12, 2025 07:00 AM
New Bank Trojan Infecting Thousands of Android Devices, Capable of Draining Accounts Automatically, Warns Cleafy
A newly discovered Android banking trojan is giving hackers the ability to hijack mobile devices and drain accounts while victims sleep.
October 10, 2025 07:00 AM
Malware apps posing as free VPNs are on the rise
A recent report on the Klopatra malware operation shows hackers taking advantage of a surge in VPN use.
October 10, 2025 07:00 AM
Fake VPN and streaming app infects thousands of Android devices, drains bank accounts
Cybersecurity researchers are urgently warning Android users to delete a fake VPN and streaming app that is silently stealing banking...
October 07, 2025 07:00 AM
UK households told to delete VPN 'now' after it instantly empties bank accounts
Cleafy, cyber security experts, say at least an eye-watering 3000 devices are thought to have been infected so far.
August 04, 2025 07:00 AM
PlayPraetor Android Trojan Infects 11,000+ Devices via Fake Google Play Pages and Meta Ads
Cybersecurity researchers have discovered a nascent Android remote access trojan (RAT) called PlayPraetor that has infected more than 11,000...
April 18, 2025 07:00 AM
New payment-card scam involves a phone call, some malware and a personal tap
A scam that combines social engineering, previously undocumented malware and mobile phones' near-field communication (NFC) capabilities to compromise payment...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Cleafy CyberSecurity History Information
Official Website of Cleafy
The official website of Cleafy is http://www.cleafy.com.
Cleafy’s AI-Generated Cybersecurity Score
According to Rankiteo, Cleafy’s AI-generated cybersecurity score is 670, reflecting their Weak security posture.
How many security badges does Cleafy’ have ?
According to Rankiteo, Cleafy currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Cleafy have SOC 2 Type 1 certification ?
According to Rankiteo, Cleafy is not certified under SOC 2 Type 1.
Does Cleafy have SOC 2 Type 2 certification ?
According to Rankiteo, Cleafy does not hold a SOC 2 Type 2 certification.
Does Cleafy comply with GDPR ?
According to Rankiteo, Cleafy is not listed as GDPR compliant.
Does Cleafy have PCI DSS certification ?
According to Rankiteo, Cleafy does not currently maintain PCI DSS compliance.
Does Cleafy comply with HIPAA ?
According to Rankiteo, Cleafy is not compliant with HIPAA regulations.
Does Cleafy have ISO 27001 certification ?
According to Rankiteo,Cleafy is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Cleafy
Cleafy operates primarily in the Computer and Network Security industry.
Number of Employees at Cleafy
Cleafy employs approximately 82 people worldwide.
Subsidiaries Owned by Cleafy
Cleafy presently has no subsidiaries across any sectors.
Cleafy’s LinkedIn Followers
Cleafy’s official LinkedIn profile has approximately 3,381 followers.
NAICS Classification of Cleafy
Cleafy is classified under the NAICS code 541514, which corresponds to Others.
Cleafy’s Presence on Crunchbase
No, Cleafy does not have a profile on Crunchbase.
Cleafy’s Presence on LinkedIn
Yes, Cleafy maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/cleafy.
Cybersecurity Incidents Involving Cleafy
As of December 24, 2025, Rankiteo reports that Cleafy has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Cleafy has an estimated 3,179 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Cleafy ?
Incident Types: The types of cybersecurity incidents that have occurred include Ransomware.
Incident Details
Can you provide details on each incident ?
Title: BingoMod Android Malware Incident
Description: Cleafy, a cybersecurity firm, encountered a new Android malware known as 'BingoMod' which targets victims' bank accounts for fraudulent transfers and then wipes the devices to obstruct forensic analysis. This malware utilizes On Device Fraud (ODF) techniques to bypass authentication and identification processes established by banks. The attack mainly affected devices using English, Romanian, and Italian languages. Consequences include compromised financial information and significant personal data leaks of customers using the affected banking services. The nature of the attack also implies a potential ruinous impact on the banks' reputations and operational integrity.
Type: Malware
Attack Vector: Mobile Devices
Vulnerability Exploited: On Device Fraud (ODF) techniques
Motivation: Financial Gain
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Ransomware.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Android Devices.
Impact of the Incidents
What was the impact of each incident ?
Incident : Malware CLE002080624
Data Compromised: Financial information, Personal data
Systems Affected: Android Devices
Brand Reputation Impact: Potentially Ruinous
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Financial Information, Personal Data and .
Which entities were affected by each incident ?
Incident : Malware CLE002080624
Entity Type: Banking Services
Industry: Financial
Location: English-speaking regionsRomaniaItaly
Data Breach Information
What type of data was compromised in each breach ?
Incident : Malware CLE002080624
Type of Data Compromised: Financial information, Personal data
Sensitivity of Data: High
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Malware CLE002080624
Entry Point: Android Devices
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Financial Information, Personal Data and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Android Devices.
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Financial Information and Personal Data.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Android Devices.
.png)
Latest Global CVEs (Not Company-Specific)
Description
Marshmallow is a lightweight library for converting complex objects to and from simple Python datatypes. In versions from 3.0.0rc1 to before 3.26.2 and from 4.0.0 to before 4.1.2, Schema.load(data, many=True) is vulnerable to denial of service attacks. A moderately sized request can consume a disproportionate amount of CPU time. This issue has been patched in version 3.26.2 and 4.1.2.
Risk Information
cvss3
Base: 5.3
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Description
KEDA is a Kubernetes-based Event Driven Autoscaling component. Prior to versions 2.17.3 and 2.18.3, an Arbitrary File Read vulnerability has been identified in KEDA, potentially affecting any KEDA resource that uses TriggerAuthentication to configure HashiCorp Vault authentication. The vulnerability stems from an incorrect or insufficient path validation when loading the Service Account Token specified in spec.hashiCorpVault.credential.serviceAccount. An attacker with permissions to create or modify a TriggerAuthentication resource can exfiltrate the content of any file from the node's filesystem (where the KEDA pod resides) by directing the file's content to a server under their control, as part of the Vault authentication request. The potential impact includes the exfiltration of sensitive system information, such as secrets, keys, or the content of files like /etc/passwd. This issue has been patched in versions 2.17.3 and 2.18.3.
Risk Information
cvss4
Base: 8.2
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Fedify is a TypeScript library for building federated server apps powered by ActivityPub. Prior to versions 1.6.13, 1.7.14, 1.8.15, and 1.9.2, a Regular Expression Denial of Service (ReDoS) vulnerability exists in Fedify's document loader. The HTML parsing regex at packages/fedify/src/runtime/docloader.ts:259 contains nested quantifiers that cause catastrophic backtracking when processing maliciously crafted HTML responses. This issue has been patched in versions 1.6.13, 1.7.14, 1.8.15, and 1.9.2.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
References
- https://github.com/fedify-dev/fedify/commit/2bdcb24d7d6d5886e0214ed504b63a6dc5488779
- https://github.com/fedify-dev/fedify/commit/bf2f0783634efed2663d1b187dc55461ee1f987a
- https://github.com/fedify-dev/fedify/releases/tag/1.6.13
- https://github.com/fedify-dev/fedify/releases/tag/1.7.14
- https://github.com/fedify-dev/fedify/releases/tag/1.8.15
- https://github.com/fedify-dev/fedify/releases/tag/1.9.2
- https://github.com/fedify-dev/fedify/security/advisories/GHSA-rchf-xwx2-hm93
Description
Authenticated Remote Code Execution (RCE) in PluXml CMS 5.8.22 allows an attacker with administrator panel access to inject a malicious PHP webshell into a theme file (e.g., home.php).
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:N
Description
An issue was discovered in Xiongmai XM530 IP cameras on firmware V5.00.R02.000807D8.10010.346624.S.ONVIF 21.06. The GetStreamUri exposes RTSP URIs containing hardcoded credentials enabling direct unauthorized video stream access.
Risk Information
cvss3
Base: 7.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=cleafy' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
