COMAC A.I CyberSecurity Scoring
10/04/2026
Access Monitoring Plan
Access Monitoring Plan
COMAC has 66.67% fewer incidents than the average of same-industry companies with at least one recorded incident.
COMAC has 4.76% fewer incidents than the average of all companies with at least one recorded incident.
COMAC reported 1 incidents this year: 0 cyber attacks, 0 ransomware, 0 vulnerabilities, 1 data breaches, compared to industry peers with at least 1 incident.
Aviation & Aerospace
Inspired by the belief that aviation could fuel business growth, Gulfstream Aerospace Corp. invented the first purpose-built business aircraft, the Gulfstream I, which first flew in 1958. Today, more than 3,400 aircraft are in service around the world. Together with parent company General Dynamics, Gulfstream consistently invests in the future, dedicating resources to researching and developing innovative new aircraft, technologies and services. Gulfstream’s next-generation family of aircraft, including the super-midsize Gulfstream G300, the category-leading Gulfstream G400, the award-winning Gulfstream G500 and Gulfstream G600, the ultralarge-cabin Gulfstream G700 and the ultralong-range Gulfstream G800, offers an aircraft for every mission. All are backed by the worldwide Gulfstream Customer Support network.
Boeing is a leading global aerospace company that designs, builds and supports commercial airplanes, defense products and space systems for customers in more than 150 countries. Guided by our commitment to safety and quality, we innovate to deliver solutions that bring real value to our customers and the industry. As a top U.S. exporter, we work with a strong global supply base to drive economic opportunity and community impact worldwide. Our team leads with integrity and passion as it shapes the future of aerospace. Explore careers with us: boeing.com/careers Boeing is an Equal Opportunity Employer. Employment decisions are made without regard to race, color, religion, national origin, gender, sexual orientation, gender identity, age, physical or mental disability, genetic factors, military/veteran status or other characteristics protected by law.
Latest updates, reports, and threat intel affecting the global network.
Authentication bypass using an alternate path or channel in Microsoft Edge (Chromium-based) allows an unauthorized attacker to perform tampering over a network.
JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not apply an upper bound to terminal dimensions received via the Telnet NAWS option, and TelnetIO.handleNAWS() in TelnetIO.java:856-879 reads client-supplied width and height as 16-bit unsigned integers and passes values such as 65535x65535 to setTerminalGeometry(), allowing an unauthenticated remote attacker to repeatedly alternate values and trigger continuous expensive rendering work that causes CPU exhaustion and denial of service. This issue is fixed in versions 3.30.14, 4.0.16, and 4.2.1.
JLine is a Java library for handling console input. Prior to 3.30.14, 4.0.16, and 4.2.1, the JLine3 Telnet server remote-telnet module does not limit the number of environment variables a client may inject via the Telnet NEW-ENVIRON option, and TelnetIO.readNEVariables() in TelnetIO.java:1127-1180 stores each variable pair in a HashMap held by ConnectionData, allowing an unauthenticated attacker to flood unique variable pairs before the terminating IAC SE byte and exhaust JVM heap memory with an OutOfMemoryError. This issue is fixed in versions 3.30.14, 4.0.16, and 4.2.1.
Exposure of private personal information to an unauthorized actor in Windows RDP allows an unauthorized attacker to disclose information over a network.
Feathersjs is a framework for creating web APIs and real-time applications with TypeScript or JavaScript. In 5.0.44 and earlier, the _.merge(target, source) utility exported by @feathersjs/commons recursively merges source into target by iterating Object.keys(source). When source was produced by JSON.parse and contains a __proto__, constructor, or prototype key, that key is returned as an own-enumerable property; the recursive merge then resolves target['__proto__'] to Object.prototype and writes attacker-supplied properties onto it, polluting the prototype for all plain objects in the process for the lifetime of the Node process. This issue is fixed in version 5.0.45.
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.