IHKS A.I CyberSecurity Scoring
25/03/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for IOM Hong Kong SAR in 2026.
No incidents recorded for IOM Hong Kong SAR in 2026.
No incidents recorded for IOM Hong Kong SAR in 2026.
UNHCR, the UN Refugee Agency, is a global organisation dedicated to saving lives, protecting rights and building a better future for people forced to flee their homes because of conflict and persecution. We lead international action to protect refugees, forcibly displaced communities and stateless people. We deliver life-saving assistance, help safeguard fundamental human rights, and develop solutions that ensure people have a safe place called home where they can build a better future. We also work to ensure that stateless people are granted a nationality. We work in over 130 countries, using our expertise to protect and care for millions. UNHCR’s greatest asset is our workforce. We work with passionate, talented and creative individuals who want to use their skills for good. Thanks to people like you, we can develop solutions that enable people who have been forced to flee to restart their lives and build better futures. Current Opportunities http://www.unhcr.org/careers.html Meet UNHCR Staff https://bit.ly/2EMZrlO ⚠️ Important notice: Our protection work extends to online spaces, which means we may hide/delete comments with hate/spam/profanity/misinfo/disinfo.
The United Nations Development Programme works in nearly 170 countries and territories, helping to achieve the eradication of poverty, and the reduction of inequalities and exclusion. We help countries to develop policies, leadership skills, partnering abilities, institutional capabilities and build resilience in order to sustain development results. DISCLAIMER: The United Nations Development Programme (UNDP) does not guarantee the truthfulness, accuracy, or validity of any comments posted to its social media outlets (blogs, social networks, message boards/forums, etc.). Users must not post any content that is obscene, defamatory, profane, libelous, threatening, harassing, abusive, hateful or embarrassing to any person or entity. UNDP reserves the right to delete or edit any comments that it considers inappropriate or unacceptable, and to delete off-topic comments in order to foster conversations about the topics shared on this page.
Founded at the end of the Second World War, the United Nations is an international organization made up of 193 Member States committed to maintaining international peace and security. Every day the UN works to tackle global challenges and deliver results for those most in need. Giving life-saving support to populations hit by humanitarian crises, helping build and keep the peace in conflict-ridden areas, supporting governments and their citizens to advance development and fight poverty, and promoting human rights worldwide are the core pillars of the work of the United Nations and the mandates it receives from its Member States. The Charter of the United Nations is available in full at: http://www.un.org/en/documents/charter/
Established in 1951, the International Organization for Migration is the leading intergovernmental organization in the field of migration and is committed to the principle that humane and orderly migration benefits migrants and society. IOM works with its partners in the international community to assist in meeting the growing operational challenges of migration, advance understanding of migration issues, encourage social and economic development through migration and uphold the well-being and human rights of migrants. More people are on the move today than at any other time in recorded history: 1 billion people – comprising a seventh of humanity. A variety of elements – not least the information and communications revolutions – contribute to the movement of people on such a large scale. The forces driving migration as a priority issue are: climate change, natural and manmade catastrophes, conflict, the demographic trends of an ageing industrialized population, an exponentially expanding jobless youth population in the developing world and widening North–South social and economic disparities.
THE RIGHT WAY TO ITALY. Italian Agency based in Venice-Italy performing general affairs by Public and Private Boards seeks international Partners to develop SMART TOURISM NETWORK. Multilingual staff. Contact us as above
USAID is the lead U.S. Government agency that works to end extreme global poverty and enable resilient, democratic societies to realize their potential. U.S. foreign assistance has always had the twofold purpose of furthering America's interests while improving lives in the developing world. USAID carries out U.S. foreign policy by promoting broad-scale human progress at the same time it expands stable, free societies, creates markets and trade partners for the United States, and fosters good will abroad. Spending less than 1 percent of the total federal budget, USAID works in over 100 countries to: -Promote broadly shared economic prosperity; -Strengthen democracy and good governance; -Protect human rights; -Improve global health, -Advance food security and agriculture; -Improve environmental sustainability; -Further education; -Help societies prevent and recover from conflicts; and -Provide humanitarian assistance in the wake of natural and man-made disasters. Privacy Policy: http://www.usaid.gov/privacy-policy
Welcome, exchange program alumni! We are Alumni Affairs, an office in the Bureau of Educational and Cultural Affairs (ECA) at the U.S. Department of State. We welcome alumni of all U.S. government exchange programs, from Fulbright to Gilman, IVLP, YALI, YSEALI, YLAI, and many more! We offer grant competitions, access to research and funding databases, career development, and other info. While on our page we ask that you follow the Terms of Use (“TOU”), which may be updated by the Department of State from time to time without notice to you. You can review the current version of the TOU at any time here: https://www.state.gov/social-media-terms-of-use/ #ExchangeAlumni operates on the LinkedIn platform. It provides its members with a variety of features, including but not limited to: video and photo sharing, grant competitions, career development, a discussion forum, messaging, and chat. The U.S. Department of State reserves the right to alter the types of features that Alumni Affairs provides at any time with no notice to network members. Member Conduct You understand that all information, data, messages or other materials ("Content"), whether publicly posted or privately transmitted, are the sole responsibility of the person from which such Content originated. This means that you, and not the U.S. Department of State, are entirely responsible for all Content that you post, email, transmit or otherwise make available via the site. The U.S. Department of State does not control the Content posted and, as such, does not guarantee the accuracy, integrity or quality of such Content. ∙ You agree not to use the site to post, email, transmit or otherwise make available any Content that is unlawful, harmful, threatening, abusive, harassing, tortious, defamatory, vulgar, obscene, libelous, invasive of another's privacy, hateful, or racially, ethnically or otherwise objectionable. Read the full member conduct our TOS page: https://www.state.gov/social-media-terms-of-use/
The World Health Organization's mission: to promote health, keep the world safe, and serve the vulnerable. Working through offices in more than 150 countries, WHO staff work side by side with governments and other partners to ensure the highest attainable level of health for all people. Stay connected with WHO: Facebook https://www.facebook.com/WHO Twitter http://www.twitter.com/who Instagram: @who Google+ https://www.google.com/+who YouTube http://www.youtube.com/who
UNESCO - the United Nations Educational, Scientific and Cultural Organization (UNESCO) was founded on 16 November 1945. For this specialized United Nations agency, it is not enough to build classrooms in devastated countries or to publish scientific breakthroughs. Education, Social and Natural Science, Culture and Communication are the means to a far more ambitious goal : to build peace in the minds of women and men.
Latest updates, reports, and threat intel affecting the global network.
Overview of International Migrant Workers in the Care, Hospitality, and Entertainment and Informal Economy Sectors in Hong Kong SAR, China
In the People's Republic of China (PRC), the International Organization for Migration (IOM) began its operations in 2007, when the IOM Liaison Office in...
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.