
The Ministry of Energy is the main organ of the Government in charge of the regulation and implementation of policies applicable to energy, electricity, water and wastewater services. The ministry consists of five deputies as follows: Deputy for Research and Human Resources; Deputy for Planning and Economic Affairs; Deputy for Electricity and Energy; Deputy for Water and Wastewater; Deputy for Support, Legal, and Parliamentary Affairs.

Ministry of Energy of I.R.IRAN - وزارت نیرو A.I CyberSecurity Scoring

MEI

Company Details

LinkedIn ID: iran-energy-ministry

Number of employees: 187

Number of followers: 1,115

NAICS: 211

Industry Type: Oil and Gas

Homepage: moe.gov.ir

IP Addresses: 0

Company ID: MIN_1986423

Scan Status: In-progress

MEI Risk Score (AI oriented)

Between 700 and 749

  • Powered by our proprietary A.I cyber incident model
  • Insurers prefer the TPRM score to calculate premiums

MEI Global Score (TPRM)

XXXX

  • Instant access to detailed risk factors
  • Benchmark vs. industry & size peers
  • Vulnerabilities
  • Findings

MEI Company CyberSecurity News & History

Past Incidents: 1
Attack Types: 1

Entity: Ministry of Energy of I.R.IRAN - وزارت نیرو
Type: Cyber Attack
Severity: 100
Impact: 5
Seen: 6/2025
Supply Chain Source: NA
Rankiteo Explanation: Attack threatening the organization's existence

Description: Escalating Cyber Conflict in the Middle East as Israel-Iran Tensions Fuel Hacktivist Surge

The June 13 Israeli strikes on Iranian nuclear and military targets have triggered a sharp escalation in cyber warfare across the Middle East, with hacktivist groups launching a wave of attacks targeting Israel and regional allies. Between June 13 and 17, threat intelligence firm Cyble documented cyber operations by 74 hacktivist groups, over 90% of which are pro-Iran, focusing primarily on Israeli infrastructure while also striking entities in Egypt, Jordan, the UAE, Pakistan, and Saudi Arabia.

### Targets and Tactics

Israel bore the brunt of the attacks, with government, defense, media, telecom, finance, education, and emergency services sectors hit by DDoS attacks, website defacements, unauthorized access, data breaches, and ransomware/wiper malware campaigns. Notable incidents included:

- Five ransomware/extortion attacks by Handala Group against Israeli media, telecom, construction, education, and chemical/energy organizations, with data samples leaked in two cases.
- A ransomware/wiper executable ("encryption.exe") attributed to the previously unknown Anon-g Fox, which checks for Israel Standard Time (IST) and Hebrew language settings before executing, terminating if conditions aren’t met.
- A banking malware campaign (IRATA) targeting 50+ Iranian financial and crypto apps, impersonating government entities like the Judicial System of Iran and the Ministry of Economic Affairs. The malware steals credentials, account balances, and card data while remotely controlling infected devices.

Other documented attacks included 34 DDoS incidents, five defacements, two data breaches, and four credential leaks, with groups like Anonymous Guys, Arabian Ghosts, and GhostSec actively participating. Hashtags such as #OpIsrael, #FreePalestine, and #SupportIran dominated the campaigns, reflecting ideological alignment with pro-Palestinian and pro-Iranian narratives.

### Information Warfare and Psychological Tactics

Beyond technical attacks, hacktivist groups leveraged Telegram channels to amplify geopolitical messaging, reposting claims from allied collectives to project decentralized coordination. Content streams featured pro-Iranian and pro-Palestinian propaganda, including missile strike footage and graphic images of Iranian casualties, blurring the line between cyber operations and psychological warfare.

### Regional Spillover and Broader Implications

The conflict’s cyber dimension has extended beyond Israel and Iran, with Egypt, Jordan, Saudi Arabia, and the UAE facing collateral attacks. The U.S. had previously linked CyberAv3ngers (Mr. Soul), an IRGC-affiliated threat actor, to critical infrastructure attacks, underscoring the global reach of state-aligned hacktivism. As hacktivist groups exploit geopolitical tensions to advance ideological agendas, the surge in ransomware, wipers, and banking malware signals a shift toward more disruptive and financially motivated tactics in the region’s cyber landscape.

Ministry of Economic Affairs and Finance: Israel-Iran Conflict Sparks Wider Cyber Conflict, New Malware
Cyber Attack
Severity: 100
Impact: 5
Seen: 6/2025
Blog:
Supply Chain Source: NA
Rankiteo Explanation
Attack threatening the organization's existence



Underwriter Stats for MEI

Incidents vs Oil and Gas Industry Average (This Year)

No incidents recorded for Ministry of Energy of I.R.IRAN - وزارت نیرو in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Ministry of Energy of I.R.IRAN - وزارت نیرو in 2026.

Incident Types MEI vs Oil and Gas Industry Avg (This Year)

No incidents recorded for Ministry of Energy of I.R.IRAN - وزارت نیرو in 2026.

Incident History — MEI (X = Date, Y = Severity)

MEI cyber incidents detection timeline including parent company and subsidiaries


MEI Similar Companies

NOV delivers technology-driven solutions to empower the global energy industry. For more than 150 years, NOV has pioneered innovations that enable its customers to safely produce abundant energy while minimizing environmental impact. The energy industry depends on NOV’s deep expertise and technology

Bharat Petroleum Corporation Limited

Fortune Global 500 Company, Bharat Petroleum is the second largest Indian Oil Marketing Company and one of the premier integrated energy companies in India, engaged in refining of crude oil and marketing of petroleum products, with a significant presence in the upstream and downstream sectors of the

Baker Hughes

Baker Hughes (NASDAQ: BKR) is an energy technology company that provides solutions for energy and industrial customers worldwide. Built on a century of experience and conducting business in over 120 countries, our innovative technologies and services are taking energy forward – making it safer, clea

Sonatrach

Sonatrach (Société Nationale pour la Recherche, la Production, le Transport, la Transformation, et la Commercialisation des Hydrocarbures s.p.a.) is an Algerian government-owned company formed to exploit the hydrocarbon resources of the country. Its diversified activities cover all aspects of Oil &

Repsol

At Repsol, we are at the forefront of the energy sector to build the future of energy with innovation and sustainability. We are a strong multienergy company that creates value in an integrated, diversified, and sustainable way to promote progress in society. We leverage our past experience to be pr

aramco

We’re a leading producer of the energy and chemicals that drive global commerce and enhance the daily lives of people around the globe by continuing delivering an uninterrupted supply of energy to the world. Our resilience and agility has built one of the world’s largest integrated energy and chemi

TechnipFMC

TechnipFMC is a leading technology provider to the traditional and new energies industry, delivering fully integrated projects, products, and services. With our proprietary technologies and comprehensive solutions, we are transforming our clients’ project economics, helping them unlock new possibi

Our purpose is to provide energy that ensures prosperity in an ethical, fair, safe and competitive way. We want to be the best diversified and integrated energy company in generating value, building a more sustainable world, reconciling the focus on oil and gas with diversification into businesses of

Shell

Shell is a global group of energy and petrochemical companies, employing 96,000 people across 70+ countries. We serve around 1 million commercial and industrial customers, and around 33 million customers daily at our Shell-branded retail service stations. Our purpose is to power progress together b


MEI CyberSecurity News

January 21, 2026 02:14 PM
EU reviews cybersecurity to limit danger from high-risk suppliers

The European Commission has presented a new cybersecurity package to strengthen the European Union's resilience to increasing cyber and...

January 21, 2026 02:12 PM
Cybersecurity firm Coro appoints Eyal Hen as new CFO

CHICAGO - Cybersecurity platform provider Coro announced Wednesday the appointment of Eyal Hen as its new Chief Financial Officer,...

January 21, 2026 02:00 PM
BrainCheck Achieves HITRUST i1 Certification, Demonstrating Commitment to Cybersecurity and Information Protection

HITRUST Certification validates that BrainCheck is meeting rigorous cybersecurity and data protection standards through independent...

January 21, 2026 01:59 PM
AI Supercharging Cyber Arms Race; Geopolitics At Centre Of Security Strategy: WEF Cybersecurity Head

Despite there being complex risks from AI adoption, there is an equally better response from cybersecurity entities, says Akshay Joshi.

January 21, 2026 01:55 PM
Best Cybersecurity Newsletters Shortlist For 2026

This week in cybersecurity from the editors at Cybercrime Magazine.

January 21, 2026 01:42 PM
Midnight in the War Room - Cybersecurity Documentary Premiere

Cybersecurity's premier global event series partners with the producers of Midnight in the War Room to debut a first-of-its-kind...

January 21, 2026 01:37 PM
Exclusive: Cybersecurity startup Furl collects $10M seed

Security remediation startup Furl raised a $10 million seed round led by Ten Eleven Ventures, co-founder and CEO Derek Abdine tells Axios...

January 21, 2026 01:35 PM
Identity Ranks as No. 1 Cybersecurity Threat Vector; AI Massively Compounds the Risk, Permiso Research Finds

PALO ALTO, Calif.--(BUSINESS WIRE)--Identity-related attacks were the dominant threat vector in 2025 with 76% of organizations saying they...

January 21, 2026 01:18 PM
China urges EU against protectionist path in cybersecurity law

The EU's Cybersecurity Act review (CSA2), unveiled on Tuesday, is raising alarm in Beijing, as Chinese tech companies face being looped into...


Frequently Asked Questions

Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.

MEI CyberSecurity History Information

Official Website of Ministry of Energy of I.R.IRAN - وزارت نیرو

The official website of Ministry of Energy of I.R.IRAN - وزارت نیرو is http://www.moe.gov.ir/.

Ministry of Energy of I.R.IRAN - وزارت نیرو’s AI-Generated Cybersecurity Score

According to Rankiteo, Ministry of Energy of I.R.IRAN - وزارت نیرو’s AI-generated cybersecurity score is 739, reflecting their Moderate security posture.

How many security badges does Ministry of Energy of I.R.IRAN - وزارت نیرو have ?

According to Rankiteo, Ministry of Energy of I.R.IRAN - وزارت نیرو currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Ministry of Energy of I.R.IRAN - وزارت نیرو been affected by any supply chain cyber incidents ?

According to Rankiteo, Ministry of Energy of I.R.IRAN - وزارت نیرو has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does Ministry of Energy of I.R.IRAN - وزارت نیرو have SOC 2 Type 1 certification ?

According to Rankiteo, Ministry of Energy of I.R.IRAN - وزارت نیرو is not certified under SOC 2 Type 1.

Does Ministry of Energy of I.R.IRAN - وزارت نیرو have SOC 2 Type 2 certification ?

According to Rankiteo, Ministry of Energy of I.R.IRAN - وزارت نیرو does not hold a SOC 2 Type 2 certification.

Does Ministry of Energy of I.R.IRAN - وزارت نیرو comply with GDPR ?

According to Rankiteo, Ministry of Energy of I.R.IRAN - وزارت نیرو is not listed as GDPR compliant.

Does Ministry of Energy of I.R.IRAN - وزارت نیرو have PCI DSS certification ?

According to Rankiteo, Ministry of Energy of I.R.IRAN - وزارت نیرو does not currently maintain PCI DSS compliance.

Does Ministry of Energy of I.R.IRAN - وزارت نیرو comply with HIPAA ?

According to Rankiteo, Ministry of Energy of I.R.IRAN - وزارت نیرو is not compliant with HIPAA regulations.

Does Ministry of Energy of I.R.IRAN - وزارت نیرو have ISO 27001 certification ?

According to Rankiteo, Ministry of Energy of I.R.IRAN - وزارت نیرو is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Industry Classification of Ministry of Energy of I.R.IRAN - وزارت نیرو

Ministry of Energy of I.R.IRAN - وزارت نیرو operates primarily in the Oil and Gas industry.

Number of Employees at Ministry of Energy of I.R.IRAN - وزارت نیرو

Ministry of Energy of I.R.IRAN - وزارت نیرو employs approximately 187 people worldwide.

Subsidiaries Owned by Ministry of Energy of I.R.IRAN - وزارت نیرو

Ministry of Energy of I.R.IRAN - وزارت نیرو presently has no subsidiaries across any sectors.

Ministry of Energy of I.R.IRAN - وزارت نیرو’s LinkedIn Followers

Ministry of Energy of I.R.IRAN - وزارت نیرو’s official LinkedIn profile has approximately 1,115 followers.

NAICS Classification of Ministry of Energy of I.R.IRAN - وزارت نیرو

Ministry of Energy of I.R.IRAN - وزارت نیرو is classified under the NAICS code 211, which corresponds to Oil and Gas Extraction.

Ministry of Energy of I.R.IRAN - وزارت نیرو’s Presence on Crunchbase

No, Ministry of Energy of I.R.IRAN - وزارت نیرو does not have a profile on Crunchbase.

Ministry of Energy of I.R.IRAN - وزارت نیرو’s Presence on LinkedIn

Yes, Ministry of Energy of I.R.IRAN - وزارت نیرو maintains an official LinkedIn profile, actively used for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/iran-energy-ministry.

Cybersecurity Incidents Involving Ministry of Energy of I.R.IRAN - وزارت نیرو

As of January 21, 2026, Rankiteo reports that Ministry of Energy of I.R.IRAN - وزارت نیرو has experienced 1 cybersecurity incident.

Number of Peer and Competitor Companies

Ministry of Energy of I.R.IRAN - وزارت نیرو has an estimated 10,647 peer or competitor companies worldwide.

What types of cybersecurity incidents have occurred at Ministry of Energy of I.R.IRAN - وزارت نیرو ?

Incident Types: The types of cybersecurity incidents that have occurred include Cyber Attack.

How does Ministry of Energy of I.R.IRAN - وزارت نیرو detect and respond to cybersecurity incidents ?

Detection and Response: The company detects and responds to cybersecurity incidents through a communication strategy with hacktivist groups using Telegram channels to amplify narratives and claims.

Incident Details

Can you provide details on each incident ?

Incident : DDoS

Title: Cyber Conflict Escalation in Middle East: Israel-Iran Hacktivism Surge

Description: The Israel-Iran conflict that began with Israeli attacks on Iranian nuclear and military targets on June 13 has sparked a wider cyber conflict in the region, including the launch of new malware campaigns. Cyble threat intelligence researchers documented cyberattacks by 74 hacktivist groups in the Middle East region between June 13 and 17, with over 90% being pro-Iran. The attacks targeted Israeli organizations and spilled over into Egypt, Jordan, UAE, Pakistan, and Saudi Arabia, involving DDoS attacks, website defacements, unauthorized access, data breaches, ransomware/wiper, and banking malware campaigns.

Date Detected: 2024-06-13

Date Publicly Disclosed: 2024-06-17

Type: DDoS

Attack Vector: Internet-facing systems, Accessibility service abuse (Android malware), Geopolitically targeted malware

Threat Actor: Handala Group, Anonymous Guys, Arabian Ghosts, Server Killers, RipperSec, Dienet, LulzSec Black, Cyber Ghost Team, Keymous+, GhostSec, Dark Storm Team, Yemen Cyber Army, Anonymous Syria Hackers, Red Eagle, Mysterios Team, Tunisian Maskers, Unit Nine, Islamic Hacker Army, Cyber Islamic Resistance, Nation of Saviors, Unknown Cybers Team, Mr Hamza, EvilByte, Digital Ghost, Cyber Fattah Team, Predatory Sparrow, Anon-g Fox

Motivation: Geopolitical, Pro-Palestinian, Pro-Iranian, Anti-Western, Ideological

What are the most common types of attacks the company has faced ?

Common Attack Types: The most common type of attack the company has faced is Cyber Attack.

Impact of the Incidents

What was the impact of each incident ?

Incident : DDoS IRA1767601584

Data Compromised: Banking and cryptocurrency data, personally identifiable information, credentials

Systems Affected: Government, Defense, Media, Telecom, Finance, Education, Emergency services, Cryptocurrency exchanges, Chemical/Energy

Operational Impact: Disruption of services, unauthorized access, data exfiltration

Brand Reputation Impact: Significant (defacements, data leaks, ransomware claims)

Identity Theft Risk: High (banking data, PII exposed)

Payment Information Risk: High (card data, bank account details harvested)

What types of data are most commonly compromised in incidents ?

Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Banking Data, Cryptocurrency Data, Personally Identifiable Information, Credentials and Card Data.

Which entities were affected by each incident ?

Incident : DDoS IRA1767601584

Entity Name: Multiple Israeli organizations

Entity Type: Government, Defense, Media, Telecom, Finance, Education, Chemical/Energy

Industry: Government, Defense, Media, Telecommunications, Finance, Education, Energy

Location: Israel

Incident : DDoS IRA1767601584

Entity Name: Nobitex

Entity Type: Cryptocurrency exchange

Industry: Finance

Location: Iran

Incident : DDoS IRA1767601584

Entity Name: Jordanian organizations

Location: Jordan

Incident : DDoS IRA1767601584

Entity Name: Egyptian organizations

Location: Egypt

Incident : DDoS IRA1767601584

Entity Name: UAE organizations

Location: UAE

Incident : DDoS IRA1767601584

Entity Name: Pakistani organizations

Location: Pakistan

Incident : DDoS IRA1767601584

Entity Name: Saudi Arabian organizations

Location: Saudi Arabia

Incident : DDoS IRA1767601584

Entity Name: Iranian organizations

Entity Type: Government, Banking

Industry: Government, Finance

Location: Iran

Response to the Incidents

What measures were taken in response to each incident ?

Incident : DDoS IRA1767601584

Communication Strategy: Hacktivist groups using Telegram channels to amplify narratives and claims

Data Breach Information

What type of data was compromised in each breach ?

Incident : DDoS IRA1767601584

Type of Data Compromised: Banking data, Cryptocurrency data, Personally identifiable information, Credentials, Card data

Sensitivity of Data: High (financial, PII, government-related)

Data Exfiltration: Yes (claimed by Handala Group)

Data Encryption: Yes (ransomware/wiper malware)

Personally Identifiable Information: Yes (bank account numbers, balances, card data)

Ransomware Information

Was ransomware involved in any of the incidents ?

Incident : DDoS IRA1767601584

Ransomware Strain: encryption.exe (Anon-g Fox), Handala Group ransomware

Data Encryption: Yes

Data Exfiltration: Yes (claimed by Handala Group)

Lessons Learned and Recommendations

What lessons were learned from each incident ?

Incident : DDoS IRA1767601584

Lessons Learned: Hacktivist groups are leveraging geopolitical conflicts to amplify cyberattacks, combining digital operations with information warfare. Organizations in conflict zones or allied nations are at heightened risk of DDoS, defacement, data breaches, and ransomware attacks.

What recommendations were made to prevent future incidents ?

Incident : DDoS IRA1767601584

Recommendations: Invest in DDoS protections, Enhance data breach prevention measures, Monitor for website defacements, Prepare for ransomware attacks, Implement geopolitical threat intelligence, Secure banking and cryptocurrency applications against malware, Abuse prevention for Accessibility services on Android

What are the key lessons learned from past incidents ?

Key Lessons Learned: The key lessons learned from past incidents are: Hacktivist groups are leveraging geopolitical conflicts to amplify cyberattacks, combining digital operations with information warfare. Organizations in conflict zones or allied nations are at heightened risk of DDoS, defacement, data breaches, and ransomware attacks.

References

Where can I find more information about each incident ?

Incident : DDoS IRA1767601584

Source: Cyble Threat Intelligence Advisory

Date Accessed: 2024-06-17

Where can stakeholders find additional resources on cybersecurity best practices ?

Additional Resources: Stakeholders can find additional resources on cybersecurity best practices at Cyble Threat Intelligence Advisory (Date Accessed: 2024-06-17).

Investigation Status

What is the current status of the investigation for each incident ?

Incident : DDoS IRA1767601584

Investigation Status: Ongoing

How does the company communicate the status of incident investigations to stakeholders ?

Communication of Investigation Status: The company communicates the status of incident investigations to stakeholders through hacktivist groups using Telegram channels to amplify narratives and claims.

Stakeholder and Customer Advisories

Were there any advisories issued to stakeholders or customers for each incident ?

Incident : DDoS IRA1767601584

Stakeholder Advisories: Organizations in the Middle East and allied nations advised to bolster cybersecurity defenses due to heightened hacktivist activity.

What advisories does the company provide to stakeholders and customers following an incident ?

Advisories Provided: The company provides the following advisories to stakeholders and customers following an incident: Organizations in the Middle East and allied nations advised to bolster cybersecurity defenses due to heightened hacktivist activity.

Post-Incident Analysis

What were the root causes and corrective actions taken for each incident ?

Incident : DDoS IRA1767601584

Root Causes: Geopolitical conflict escalation, ideologically motivated hacktivist groups, exploitation of regional tensions

Additional Questions

General Information

Who was the attacking group in the last incident ?

Last Attacking Group: The attacking groups in the last incident were Handala Group, Anonymous Guys, Arabian Ghosts, Server Killers, RipperSec, Dienet, LulzSec Black, Cyber Ghost Team, Keymous+, GhostSec, Dark Storm Team, Yemen Cyber Army, Anonymous Syria Hackers, Red Eagle, Mysterios Team, Tunisian Maskers, Unit Nine, Islamic Hacker Army, Cyber Islamic Resistance, Nation of Saviors, Unknown Cybers Team, Mr Hamza, EvilByte, Digital Ghost, Cyber Fattah Team, Predatory Sparrow and Anon-g Fox.

Incident Details

What was the most recent incident detected ?

Most Recent Incident Detected: The most recent incident detected was on 2024-06-13.

What was the most recent incident publicly disclosed ?

Most Recent Incident Publicly Disclosed: The most recent incident publicly disclosed was on 2024-06-17.

Impact of the Incidents

What was the most significant data compromised in an incident ?

Most Significant Data Compromised: The most significant data compromised in an incident were Banking and cryptocurrency data, personally identifiable information and credentials.

What was the most significant system affected in an incident ?

Most Significant System Affected: The most significant systems affected in an incident were Government, Defense, Media, Telecom, Finance, Education, Emergency services, Cryptocurrency exchanges and Chemical/Energy.

Data Breach Information

What was the most sensitive data compromised in a breach ?

Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Banking and cryptocurrency data, personally identifiable information and credentials.

Lessons Learned and Recommendations

What was the most significant lesson learned from past incidents ?

Most Significant Lesson Learned: The most significant lesson learned from past incidents was: Hacktivist groups are leveraging geopolitical conflicts to amplify cyberattacks, combining digital operations with information warfare. Organizations in conflict zones or allied nations are at heightened risk of DDoS, defacement, data breaches, and ransomware attacks.

What was the most significant recommendation implemented to improve cybersecurity ?

Most Significant Recommendation Implemented: The most significant recommendation implemented to improve cybersecurity was: Invest in DDoS protections, Monitor for website defacements, Secure banking and cryptocurrency applications against malware, Implement geopolitical threat intelligence, Prepare for ransomware attacks, Abuse prevention for Accessibility services on Android and Enhance data breach prevention measures.

References

What is the most recent source of information about an incident ?

Most Recent Source: The most recent source of information about an incident is Cyble Threat Intelligence Advisory.

Investigation Status

What is the current status of the most recent investigation ?

Current Status of Most Recent Investigation: The current status of the most recent investigation is Ongoing.

Stakeholder and Customer Advisories

What was the most recent stakeholder advisory issued ?

Most Recent Stakeholder Advisory: The most recent stakeholder advisory issued was: Organizations in the Middle East and allied nations advised to bolster cybersecurity defenses due to heightened hacktivist activity.


Latest Global CVEs (Not Company-Specific)

Description

Summary: A command injection vulnerability (CWE-78) has been found to exist in the `wrangler pages deploy` command. The issue occurs because the `--commit-hash` parameter is passed directly to a shell command without proper validation or sanitization, allowing an attacker with control of `--commit-hash` to execute arbitrary commands on the system running Wrangler.

Root cause: The commitHash variable, derived from user input via the --commit-hash CLI argument, is interpolated directly into a shell command using template literals (e.g., execSync(`git show -s --format=%B ${commitHash}`)). Shell metacharacters are interpreted by the shell, enabling command execution.

Impact: This vulnerability is generally hard to exploit, as it requires --commit-hash to be attacker controlled. The vulnerability primarily affects CI/CD environments where `wrangler pages deploy` is used in automated pipelines and the --commit-hash parameter is populated from external, potentially untrusted sources. An attacker could exploit this to:
* Run any shell command.
* Exfiltrate environment variables.
* Compromise the CI runner to install backdoors or modify build artifacts.

Credits: Disclosed responsibly by kny4hacker.

Mitigation:
* Wrangler v4 users are requested to upgrade to Wrangler v4.59.1 or higher.
* Wrangler v3 users are requested to upgrade to Wrangler v3.114.17 or higher.
* Users on Wrangler v2 (EOL) should upgrade to a supported major version.

Risk Information
cvss4
Base: 7.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all Oracle VM VirtualBox accessible data as well as unauthorized access to critical data or complete access to all Oracle VM VirtualBox accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.1 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L).

Risk Information
cvss3
Base: 8.1
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:L
Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
Description

Vulnerability in the Oracle VM VirtualBox product of Oracle Virtualization (component: Core). Supported versions that are affected are 7.1.14 and 7.2.4. Easily exploitable vulnerability allows high privileged attacker with logon to the infrastructure where Oracle VM VirtualBox executes to compromise Oracle VM VirtualBox. While the vulnerability is in Oracle VM VirtualBox, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of Oracle VM VirtualBox. CVSS 3.1 Base Score 8.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H).

Risk Information
cvss3
Base: 8.2
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Access Data Using Our API


Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=iran-energy-ministry' -H 'apikey: YOUR_API_KEY_HERE'

What Do We Measure?

Incident
Finding
Grade
Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network Security

Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)

Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)

Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat Intelligence

Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats, empowering teams to outpace adversaries and reduce exposure.