GCA
Company Details
Linkedin ID:
global-crossing-airlines
Website:
Employees number:
342
Number of followers:
16,276
NAICS:
481
Industry Type:
Homepage:
globalxair.com
IP Addresses:
0
Company ID:
GLO_2799210
Scan Status:
In-progress
Global Crossing Airlines Company CyberSecurity Posture
globalxair.com
Global Crossing Airlines (OTCQB: JETMF | JET: Cboe) is a US 121 domestic flag and supplemental airline flying the Airbus A320 family aircraft. GlobalX flies as an ACMI and wet-lease charter airline serving the US, Caribbean and Latin American markets. For more information, please visit www.globalxair.com.
Global Crossing Airlines A.I CyberSecurity Scoring
GCA Risk Score (AI oriented)Between 600 and 649
GCA
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
GCA Global Score (TPRM)XXXX
GCA
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
GCA Company CyberSecurity News & History
Past Incidents
4
Attack Types
2
GlobalX
Breach
Rankiteo Explanation
Attack without any consequences
Description: GlobalX, an American airline involved in the Trump administration’s deportation of illegal aliens, suffered a cyberattack on May 5, 2025. The hacktivist group Anonymous defaced the company’s website and allegedly stole sensitive data, including flight records and passenger manifests. The attack was in response to the company's non-compliance with court rulings regarding deportations. GlobalX reported the breach to the SEC and activated its incident response protocol. The company believes that none of its operations were disrupted or otherwise negatively impacted.
GlobalX Air
Breach
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: The website of GlobalX Air, a US-based airline used for deportation flights, was defaced by actors claiming affiliation with Anonymous. During the incident, attackers replaced the homepage content with a message accusing the airline of ignoring judicial orders related to deportation rulings. In addition to the defacement, the threat actors exfiltrated sensitive files, including complete flight records and passenger manifests for all customers—covering illegal immigrants and other passengers. The stolen data was subsequently shared with select media outlets, exposing granular details about who was deported, along with dates and destinations. This breach not only undermines the confidentiality of passenger information but also reveals operational details about deportation flights used by the US government. The exposure of personal and travel data raises significant privacy concerns, potentially enabling identity theft, targeted harassment, or geopolitical risks for affected individuals. Following the attack, the website was restored to its original state, but the scope of data loss remains a serious liability for the airline and its customers.
Global Crossing Airlines Group (GlobalX)
Cyber Attack
Rankiteo Explanation
Attack limited on finance or reputation
Description: Global Crossing Airlines Group, a Miami-based airline facilitating ICE deportation flights, suffered a cyberattack on **May 5** by a hacker identifying as **Anonymous**. The breach granted unauthorized access to **business application systems**, allowing the theft of **flight records and manifests**—including sensitive details of ICE deportation operations. The hacker defaced the company’s website before exfiltrating data, which was later verified against public deportation reports by **404 Media**. While the company claimed **no operational disruption** and **no material financial impact**, the stolen data exposed its involvement in controversial deportation flights, risking **reputational damage** and potential **legal or regulatory scrutiny**. The incident prompted engagement with **law enforcement and a cybersecurity firm**, but the company did not disclose whether **personal data of employees, passengers, or deported individuals** was compromised. The FBI and DHS declined to comment. GlobalX, which earns **$65M annually from ICE contracts**, faces indirect consequences from the **public exposure of its role in deportations**, though no direct financial or operational harm was confirmed.
GlobalX Airlines
Cyber Attack
Rankiteo Explanation
Attack with significant impact with customers data leaks
Description: In March, the hacktivist collective Anonymous targeted GlobalX Airlines in retaliation for the U.S. government’s decision to deport alleged members of the Venezuelan gang Tren de Aragua. The attackers launched a distributed denial-of-service (DDoS) operation that disrupted and defaced the airline’s public website, preventing customers from accessing booking tools and flight schedules for several hours. Concurrently, Anonymous exfiltrated the company’s flight manifest report, exposing sensitive passenger information such as names, contact numbers, crew details and other flight data. This stolen dataset was later cited by independent outlet 404 Media as evidence in a class action lawsuit aiming to block the forced removal of the accused gang members. Although GlobalX has since restored website functionality and taken measures to secure its infrastructure, the incident underscores significant lapses in the protection of personal data and raises concerns about potential identity theft, legal liabilities and damage to the carrier’s reputation. The breach also follows a related incident in which Anonymous released 10 TB of data purportedly containing corruption files and Trump-related information stolen from the Russian government, highlighting the group’s capacity for large-scale cyber intrusions.
GCA Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for GCA
Incidents vs Airlines and Aviation Industry Average (This Year)
Global Crossing Airlines has 751.06% more incidents than the average of same-industry companies with at least one recorded incident.
Incidents vs All-Companies Average (This Year)
Global Crossing Airlines has 525.0% more incidents than the average of all companies with at least one recorded incident.
Incident Types GCA vs Airlines and Aviation Industry Avg (This Year)
Global Crossing Airlines reported 4 incidents this year: 2 cyber attacks, 0 ransomware, 0 vulnerabilities, 2 data breaches, compared to industry peers with at least 1 incident.
Incident History — GCA (X = Date, Y = Severity)
GCA cyber incidents detection timeline including parent company and subsidiaries
GCA Company Subsidiaries
Global Crossing Airlines (OTCQB: JETMF | JET: Cboe) is a US 121 domestic flag and supplemental airline flying the Airbus A320 family aircraft. GlobalX flies as an ACMI and wet-lease charter airline serving the US, Caribbean and Latin American markets. For more information, please visit www.globalxair.com.
Loading...
GCA Similar Companies
gategourmet
gategourmet has been serving the airline industry for more than 70 years and has become the world’s largest independent provider of airline catering and logistics. We prepare tens of thousands of tasty, nutritious passenger meals and snacks daily and reliably service more than 2 million flights a ye
KLM Royal Dutch Airlines
Welcome to our LinkedIn page! To learn how we can assist you, please check: http://klmf.ly/ContactCentre. KLM was founded in 1919 and is the oldest airline in the world. With a vast network of European and intercontinental destinations, KLM can offer direct flights to major cities and economic cen
Delta Air Lines
Delta Air Lines (NYSE: DAL) is the U.S. global airline leader in safety, innovation, reliability and customer experience. Powered by our employees around the world, Delta has for a decade led the airline industry in operational excellence while maintaining our reputation for award-winning customer s
Cathay Pacific
Welcome to the official Cathay Pacific LinkedIn page. We have over 200 destinations in our global network, but want to do more than just move you from A to B. We want to take you further in your journey, and ultimately, to move beyond. And we’re here to do what we can to help you discover what’s nex
Emirates
Based in Dubai, the Emirates Group employs over 103,363 staff from more than 160 nationalities. The Emirates Group’s extensive and diverse international portfolio includes the world’s largest international airline, Emirates, and one of the largest combined air services provider in the world, dnata.
Turkish Airlines
Turkish Airlines has soared to new heights since its first flight in 1933, becoming the airline that connects more countries than any other. Our commitment to excellence is reflected in the world-class service, comfort, and innovative travel experience we offer, designed to elevate every journey.
AirAsia
It all starts here. 23 years ago, a dream took flight - shaping and forever changing the travel industry in Asia. The idea was simple: Make flying affordable for everyone. We made that dream happen. We started an airline in 2001. Today, we’ve evolved to become something much bigger. We’re now a wo
SpiceJet Limited
Red. Hot. Spicy. That’s not just our tagline, it’s how we fly. Red reflects the bold spirit we bring to every journey, energetic, passionate, and full of heart. Hot captures the warmth of our service and the vibrant destinations we connect. Spicy is our drive to keep travel exciting through innovati
How time flies. #18YearsOfIndiGo IndiGo is India’s largest passenger airline. We primarily operate in India’s domestic air travel market as a low-cost carrier with focus on our three pillars – offering low fares, being on-time and delivering a courteous and hassle-free experience. IndiGo has become
.png)
GCA CyberSecurity News
November 11, 2025 11:08 PM
RED OAK PARTNERS LLC FILES REPORT IN RESPECT OF GLOBAL CROSSING AIRLINES GROUP INC.
Red Oak Partners LLC ("Red Oak Partners"), a Florida limited liability company, is an investment advisor that furnishes investment advice to...
November 05, 2025 08:00 AM
Global Crossing Airlines Reports Third Quarter 2025 Financial Results
Record Quarterly Utilization of 9901 Block Hours Drives Revenue Growth of 11% YoY to $58.0 Million MIAMI, Nov. 05, 2025 (GLOBE NEWSWIRE)...
October 23, 2025 07:00 AM
Global Crossing Airlines (OTCQB: JETMF) to discuss Q3 2025 results on a conference call
Global Crossing Airlines Group (OTCQB: JETMF) will host its Q3 2025 conference call on Thursday, November 6, 2025 at 8:30 a.m. Eastern to...
October 23, 2025 07:00 AM
Global Crossing Airlines Sets Third Quarter 2025 Conference Call for November 6, 2025 at 8:30 a.m. ET
MIAMI, Oct. 23, 2025 (GLOBE NEWSWIRE) -- Global Crossing Airlines Group, Inc. (Cboe: JET, OTCQB: JETMF) (the “Company” or “GlobalX”),...
October 15, 2025 07:00 AM
2 A320s — GlobalX to Wet‑Lease Dedicated Aircraft to Sunrise Airways, Boosting 'One Caribbean' Network
Global Crossing Airlines Group (OTCQB: JETMF) signed a long-term wet-lease agreement with Sunrise Airways effective November 2025 to provide...
September 10, 2025 07:00 AM
Plane to purgatory: how Trump’s deportation program shuttles immigrants into lawless limbo
44000 immigrants, 1700 flights, 100 days: a Guardian investigation of leaked flight data and government detention data reveals the inhumane...
August 22, 2025 07:00 AM
DHL extends short-term cargo contract with Global Crossing Airlines
DHL Express has extended its trial contract with Global Crossing Airlines, a Miami-based provider of dedicated contract air and as-needed...
August 22, 2025 07:00 AM
DHL extends short-term cargo contract with Global Crossing Airlines
DHL Express has extended its trial contract with Global Crossing Airlines, a Miami-based provider of dedicated contract air and as-needed...
June 28, 2025 07:00 AM
Now Hawaiian Airlines, Following WestJet, Delta, Japan Airlines, Cathay Pacific, Qantas, and Ryanair, Faces Severe Cybersecurity Crisis, Here is a News Alert for You
Hawaiian Airlines' severe cybersecurity crisis cuts deeper, raising alarms about traveler safety, data privacy, and the very trust that fuels modern aviation.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
GCA CyberSecurity History Information
Official Website of Global Crossing Airlines
The official website of Global Crossing Airlines is http://www.globalxair.com.
Global Crossing Airlines’s AI-Generated Cybersecurity Score
According to Rankiteo, Global Crossing Airlines’s AI-generated cybersecurity score is 610, reflecting their Poor security posture.
How many security badges does Global Crossing Airlines’ have ?
According to Rankiteo, Global Crossing Airlines currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Global Crossing Airlines have SOC 2 Type 1 certification ?
According to Rankiteo, Global Crossing Airlines is not certified under SOC 2 Type 1.
Does Global Crossing Airlines have SOC 2 Type 2 certification ?
According to Rankiteo, Global Crossing Airlines does not hold a SOC 2 Type 2 certification.
Does Global Crossing Airlines comply with GDPR ?
According to Rankiteo, Global Crossing Airlines is not listed as GDPR compliant.
Does Global Crossing Airlines have PCI DSS certification ?
According to Rankiteo, Global Crossing Airlines does not currently maintain PCI DSS compliance.
Does Global Crossing Airlines comply with HIPAA ?
According to Rankiteo, Global Crossing Airlines is not compliant with HIPAA regulations.
Does Global Crossing Airlines have ISO 27001 certification ?
According to Rankiteo,Global Crossing Airlines is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Global Crossing Airlines
Global Crossing Airlines operates primarily in the Airlines and Aviation industry.
Number of Employees at Global Crossing Airlines
Global Crossing Airlines employs approximately 342 people worldwide.
Subsidiaries Owned by Global Crossing Airlines
Global Crossing Airlines presently has no subsidiaries across any sectors.
Global Crossing Airlines’s LinkedIn Followers
Global Crossing Airlines’s official LinkedIn profile has approximately 16,276 followers.
NAICS Classification of Global Crossing Airlines
Global Crossing Airlines is classified under the NAICS code 481, which corresponds to Air Transportation.
Global Crossing Airlines’s Presence on Crunchbase
No, Global Crossing Airlines does not have a profile on Crunchbase.
Global Crossing Airlines’s Presence on LinkedIn
Yes, Global Crossing Airlines maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/global-crossing-airlines.
Cybersecurity Incidents Involving Global Crossing Airlines
As of December 02, 2025, Rankiteo reports that Global Crossing Airlines has experienced 4 cybersecurity incidents.
Number of Peer and Competitor Companies
Global Crossing Airlines has an estimated 3,399 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Global Crossing Airlines ?
Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack and Breach.
How does Global Crossing Airlines detect and respond to cybersecurity incidents ?
Detection and Response: The company detects and responds to cybersecurity incidents through an remediation measures with restored website functionality and taken measures to secure its infrastructure, and and and third party assistance with cybersecurity firm (unnamed), and and communication strategy with sec filing, communication strategy with no public statement beyond regulatory disclosure..
Incident Details
Can you provide details on each incident ?
Title: GlobalX Air Website Defacement and Data Breach
Description: The website of GlobalX Air, a US-based airline used for deportation flights, was defaced by actors claiming affiliation with Anonymous. During the incident, attackers replaced the homepage content with a message accusing the airline of ignoring judicial orders related to deportation rulings. In addition to the defacement, the threat actors exfiltrated sensitive files, including complete flight records and passenger manifests for all customers—covering illegal immigrants and other passengers. The stolen data was subsequently shared with select media outlets, exposing granular details about who was deported, along with dates and destinations. This breach not only undermines the confidentiality of passenger information but also reveals operational details about deportation flights used by the US government. The exposure of personal and travel data raises significant privacy concerns, potentially enabling identity theft, targeted harassment, or geopolitical risks for affected individuals. Following the attack, the website was restored to its original state, but the scope of data loss remains a serious liability for the airline and its customers.
Type: Website Defacement and Data Breach
Attack Vector: Website Defacement
Threat Actor: Anonymous
Motivation: Accusation of ignoring judicial orders related to deportation rulings
Title: Anonymous Hacktivist Attack on GlobalX Airlines
Description: In March, the hacktivist collective Anonymous targeted GlobalX Airlines in retaliation for the U.S. government’s decision to deport alleged members of the Venezuelan gang Tren de Aragua. The attackers launched a distributed denial-of-service (DDoS) operation that disrupted and defaced the airline’s public website, preventing customers from accessing booking tools and flight schedules for several hours. Concurrently, Anonymous exfiltrated the company’s flight manifest report, exposing sensitive passenger information such as names, contact numbers, crew details and other flight data. This stolen dataset was later cited by independent outlet 404 Media as evidence in a class action lawsuit aiming to block the forced removal of the accused gang members. Although GlobalX has since restored website functionality and taken measures to secure its infrastructure, the incident underscores significant lapses in the protection of personal data and raises concerns about potential identity theft, legal liabilities and damage to the carrier’s reputation. The breach also follows a related incident in which Anonymous released 10 TB of data purportedly containing corruption files and Trump-related information stolen from the Russian government, highlighting the group’s capacity for large-scale cyber intrusions.
Date Detected: March
Type: Distributed Denial-of-Service (DDoS) Attack and Data Exfiltration
Attack Vector: DDoS, Data Exfiltration
Threat Actor: Anonymous
Motivation: Retaliation for U.S. government’s decision to deport alleged members of the Venezuelan gang Tren de Aragua
Title: GlobalX Cyberattack by Anonymous
Description: GlobalX, an American airline involved in the Trump administration’s deportation of illegal aliens, suffered a cyberattack on May 5, 2025. The hacktivist group Anonymous defaced the company’s website and allegedly stole sensitive data, including flight records and passenger manifests. The attack was in response to the company's non-compliance with court rulings regarding deportations. GlobalX reported the breach to the SEC and activated its incident response protocol. The company believes that none of its operations were disrupted or otherwise negatively impacted.
Date Detected: 2025-05-05
Type: Cyberattack
Attack Vector: Website Defacement and Data Theft
Threat Actor: Anonymous
Motivation: Political
Title: Cyberattack on Global Crossing Airlines Group (GlobalX) Involving ICE Deportation Flight Data
Description: Global Crossing Airlines Group (GlobalX), an airline involved in ICE deportation flights, confirmed a cybersecurity incident on May 5, 2024. A hacker, identifying as 'Anonymous,' defaced the company’s website and stole flight records and manifests, including details of deportation flights. The company reported the incident to the SEC and law enforcement, stating no operational disruption occurred. The hacker provided stolen data to 404 Media, which verified its authenticity against public deportation records.
Date Detected: 2024-05-05
Date Publicly Disclosed: 2024-05-10
Type: Data Breach
Attack Vector: Website DefacementData Exfiltration
Threat Actor: Anonymous (self-identified)
Motivation: ActivismExposure of ICE Collaboration
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Breach.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Website defacementBusiness application systems.
Impact of the Incidents
What was the impact of each incident ?
Incident : Website Defacement and Data Breach GLO847050725
Data Compromised: Flight records, Passenger manifests
Systems Affected: Website
Identity Theft Risk: High
Incident : Distributed Denial-of-Service (DDoS) Attack and Data Exfiltration GLO522050725
Data Compromised: Names, Contact numbers, Crew details, Other flight data
Systems Affected: Public website
Downtime: Several hours
Operational Impact: Disruption of booking tools and flight schedules
Brand Reputation Impact: Significant
Legal Liabilities: Class action lawsuit
Identity Theft Risk: High
Incident : Cyberattack GLO556051425
Data Compromised: Flight records, Passenger manifests
Incident : Data Breach GLO450082725
Data Compromised: Flight records, Deportation manifests, Operational data
Systems Affected: Business application systemsWebsite
Downtime: None (no operational disruption reported)
Operational Impact: None reported
Brand Reputation Impact: Potential reputational damage due to exposure of ICE collaborationMedia scrutiny
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Flight Records, Passenger Manifests, , Names, Contact Numbers, Crew Details, Other Flight Data, , Flight Records, Passenger Manifests, , Flight Records, Deportation Manifests, Operational Business Data and .
Which entities were affected by each incident ?
Incident : Website Defacement and Data Breach GLO847050725
Entity Name: GlobalX Air
Entity Type: Airline
Industry: Aviation
Location: United States
Customers Affected: All customers
Incident : Distributed Denial-of-Service (DDoS) Attack and Data Exfiltration GLO522050725
Entity Name: GlobalX Airlines
Entity Type: Airline
Industry: Aviation
Incident : Cyberattack GLO556051425
Entity Name: GlobalX
Entity Type: Airline
Industry: Aviation
Location: United States
Incident : Data Breach GLO450082725
Entity Name: Global Crossing Airlines Group (GlobalX)
Entity Type: Airline
Industry: Aviation, Logistics, Government Contracting
Location: Miami, Florida, USA
Response to the Incidents
What measures were taken in response to each incident ?
Incident : Distributed Denial-of-Service (DDoS) Attack and Data Exfiltration GLO522050725
Remediation Measures: Restored website functionality and taken measures to secure its infrastructure
Incident : Cyberattack GLO556051425
Incident Response Plan Activated: True
Incident : Data Breach GLO450082725
Incident Response Plan Activated: True
Third Party Assistance: Cybersecurity Firm (Unnamed).
Communication Strategy: SEC filingNo public statement beyond regulatory disclosure
How does the company involve third-party assistance in incident response ?
Third-Party Assistance: The company involves third-party assistance in incident response through Cybersecurity firm (unnamed), .
Data Breach Information
What type of data was compromised in each breach ?
Incident : Website Defacement and Data Breach GLO847050725
Type of Data Compromised: Flight records, Passenger manifests
Sensitivity of Data: High
Data Exfiltration: Yes
Personally Identifiable Information: Yes
Incident : Distributed Denial-of-Service (DDoS) Attack and Data Exfiltration GLO522050725
Type of Data Compromised: Names, Contact numbers, Crew details, Other flight data
Sensitivity of Data: High
Incident : Cyberattack GLO556051425
Type of Data Compromised: Flight records, Passenger manifests
Incident : Data Breach GLO450082725
Type of Data Compromised: Flight records, Deportation manifests, Operational business data
Sensitivity of Data: High (includes government-contracted deportation details)
What measures does the company take to prevent data exfiltration ?
Prevention of Data Exfiltration: The company takes the following measures to prevent data exfiltration: Restored website functionality and taken measures to secure its infrastructure.
Ransomware Information
Was ransomware involved in any of the incidents ?
Incident : Data Breach GLO450082725
Data Exfiltration: True
Regulatory Compliance
Were there any regulatory violations and fines imposed for each incident ?
Incident : Distributed Denial-of-Service (DDoS) Attack and Data Exfiltration GLO522050725
Legal Actions: Class action lawsuit
Incident : Cyberattack GLO556051425
Regulatory Notifications: SEC
Incident : Data Breach GLO450082725
Regulatory Notifications: U.S. Securities and Exchange Commission (SEC)
How does the company ensure compliance with regulatory requirements ?
Ensuring Regulatory Compliance: The company ensures compliance with regulatory requirements through Class action lawsuit.
References
Where can I find more information about each incident ?
Incident : Distributed Denial-of-Service (DDoS) Attack and Data Exfiltration GLO522050725
Source: 404 Media
Incident : Data Breach GLO450082725
Source: 404 Media
Incident : Data Breach GLO450082725
Source: U.S. Securities and Exchange Commission (SEC) Filing by Global Crossing Airlines Group
Date Accessed: 2024-05-10
Where can stakeholders find additional resources on cybersecurity best practices ?
Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at and Source: 404 Media, and Source: 404 Media, and Source: U.S. Securities and Exchange Commission (SEC) Filing by Global Crossing Airlines GroupDate Accessed: 2024-05-10.
Investigation Status
What is the current status of the investigation for each incident ?
Incident : Data Breach GLO450082725
Investigation Status: Ongoing (law enforcement involved, no public updates)
How does the company communicate the status of incident investigations to stakeholders ?
Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through Sec Filing and No Public Statement Beyond Regulatory Disclosure.
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Data Breach GLO450082725
Entry Point: Website Defacement, Business Application Systems,
High Value Targets: Ice Deportation Flight Records, Operational Manifests,
Data Sold on Dark Web: Ice Deportation Flight Records, Operational Manifests,
Post-Incident Analysis
What is the company's process for conducting post-incident analysis ?
Post-Incident Analysis Process: The company's process for conducting post-incident analysis is described as Cybersecurity Firm (Unnamed), .
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident were an Anonymous, Anonymous, Anonymous and Anonymous (self-identified).
Incident Details
What was the most recent incident detected ?
Most Recent Incident Detected: The most recent incident detected was on March.
What was the most recent incident publicly disclosed ?
Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-05-10.
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Flight records, Passenger manifests, , Names, Contact numbers, Crew details, Other flight data, , Flight records, Passenger manifests, , Flight records, Deportation manifests, Operational data and .
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was Website and Public website and Business application systemsWebsite.
Response to the Incidents
What third-party assistance was involved in the most recent incident ?
Third-Party Assistance in Most Recent Incident: The third-party assistance involved in the most recent incident was cybersecurity firm (unnamed), .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Contact numbers, Passenger manifests, Deportation manifests, Flight records, Other flight data, Names, Crew details and Operational data.
Regulatory Compliance
What was the most significant legal action taken for a regulatory violation ?
Most Significant Legal Action: The most significant legal action taken for a regulatory violation was Class action lawsuit.
References
What is the most recent source of information about an incident ?
Most Recent Source: The most recent source of information about an incident are 404 Media and U.S. Securities and Exchange Commission (SEC) Filing by Global Crossing Airlines Group.
Investigation Status
What is the current status of the most recent investigation ?
Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing (law enforcement involved, no public updates).
Initial Access Broker
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=global-crossing-airlines' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
