Jellyfish
Company Details
Linkedin ID:
jellyfishglobal
Website:
Employees number:
2,286
Number of followers:
339,735
NAICS:
541613
Industry Type:
Homepage:
jellyfish.com
IP Addresses:
0
Company ID:
JEL_3176098
Scan Status:
In-progress
Jellyfish Company CyberSecurity Posture
jellyfish.com
Jellyfish is a new kind of marketing performance company for the platform world, where success demands a creative, multi-platform mindset. We help brands thrive, by navigating, connecting, and harnessing the platforms that drive growth. We’re more than the same logo over every door. Our unique global structure combines platform understanding with tech, media, creativity, and data expertise. We make amazing things happen at the pace the platforms demand. We’re proud to help shape the future of some of the world’s best brands - from ecommerce and CPG, to entertainment and gaming. Our unique, decade-long, multi-region Google partnership delivers across GMP, Cloud, and Training. We’re a Salesforce Consulting Partner, and one of the industry’s most extensively certified teams across Amazon. We can help you unlock your full potential across Meta technologies across the globe. Including training, creative, paid social, and analytics We know how important it is to find, develop, and deploy the best digital talent. So we’re equally passionate about giving our talent a platform to perform, which everyone can shape and make their own as they progress. From nurturing diverse new talent within our Jellyfish Academy, to investing in proprietary technology that can cast and connect the best teams, globally and seamlessly. If you want to find out more about our latest career opportunities - wherever you are in the world - do get in touch.
Jellyfish A.I CyberSecurity Scoring
Jellyfish Risk Score (AI oriented)Between 750 and 799
Jellyfish
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
Jellyfish Global Score (TPRM)XXXX
Jellyfish
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
Jellyfish Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
Korean online ad agency
Vulnerability
Rankiteo Explanation
Attack threatening the organization’s existence
Description: APT37, a North Korea-linked cyber espionage group, launched a zero-day supply chain attack exploiting a vulnerability in Internet Explorer identified as CVE-2024-38178. They compromised a Korean online advertising agency which used an outdated IE-based WebView for ad content rendering. The agency's ad server was injected with malicious code, enabling APT37 to execute a zero-click attack on user systems through malicious ads, causing them to download malware without user interaction. The attack potentially allowed remote code execution and data exfiltration, causing significant security concerns for the affected company and its clients.
Jellyfish Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for Jellyfish
Incidents vs Advertising Services Industry Average (This Year)
No incidents recorded for Jellyfish in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for Jellyfish in 2025.
Incident Types Jellyfish vs Advertising Services Industry Avg (This Year)
No incidents recorded for Jellyfish in 2025.
Incident History — Jellyfish (X = Date, Y = Severity)
Jellyfish cyber incidents detection timeline including parent company and subsidiaries
Jellyfish Company Subsidiaries
Jellyfish is a new kind of marketing performance company for the platform world, where success demands a creative, multi-platform mindset. We help brands thrive, by navigating, connecting, and harnessing the platforms that drive growth. We’re more than the same logo over every door. Our unique global structure combines platform understanding with tech, media, creativity, and data expertise. We make amazing things happen at the pace the platforms demand. We’re proud to help shape the future of some of the world’s best brands - from ecommerce and CPG, to entertainment and gaming. Our unique, decade-long, multi-region Google partnership delivers across GMP, Cloud, and Training. We’re a Salesforce Consulting Partner, and one of the industry’s most extensively certified teams across Amazon. We can help you unlock your full potential across Meta technologies across the globe. Including training, creative, paid social, and analytics We know how important it is to find, develop, and deploy the best digital talent. So we’re equally passionate about giving our talent a platform to perform, which everyone can shape and make their own as they progress. From nurturing diverse new talent within our Jellyfish Academy, to investing in proprietary technology that can cast and connect the best teams, globally and seamlessly. If you want to find out more about our latest career opportunities - wherever you are in the world - do get in touch.
Loading...
Jellyfish Similar Companies
Ogilvy
Ogilvy has been creating impact for brands through iconic, culture-changing, value-driving ideas since the company was founded by David Ogilvy 75 years ago. We build on that rich legacy through Borderless Creativity – innovating at the intersections of its advertising, public relations, relationship
dentsu
We are dentsu. We team together to help brands predict and plan for disruptive future opportunities and create new paths to growth in the sustainable economy. We know people better than anyone else and we use those insights to connect brand, content, commerce and experience, underpinned by modern cr
IPG Mediabrands
IPG Mediabrands is the media and marketing solutions division of Interpublic Group (NYSE: IPG). IPG Mediabrands manages over $47 billion in marketing investment globally on behalf of its clients across its full-service agency networks UM, Initiative and Mediahub and through its award-winning special
Quad (NYSE: QUAD) is a global marketing experience company that helps brands make direct consumer connections, from household to in-store to online. Supported by state-of-the-art technology and data-driven intelligence, Quad uses its suite of media, creative and production solutions to streamline th
Founded in 1926 by Marcel Bleustein-Blanchet, today Publicis Groupe is the largest communications group in the world and a leader in marketing, communication, and digital business transformation, led by Arthur Sadoun, the third CEO in its history. Publicis Groupe is positioned at every step of the
TBWA\Worldwide
TBWA is The Disruption Company®. We are a Collective of creative minds with an unlimited creative canvas. We create brand platforms that defy convention and compete with culture. Thanks to our trademarked Disruption® methodology, we build the world’s strongest brands. Brands that own an unfair share
Clinic
Clinic is an independent creative agency. We create bold ideas, and craft them beautifully, to get people thinking, believing and doing. All of our experience goes into what we do today, and although our world’s constantly changing, the endpoint is still people and their experience, no matter
VML
VML is a global powerhouse born from the unification of Wunderman Thompson and VMLY&R — two of the world's most powerful and accomplished creative agencies with complementary capabilities and geographic strengths. We have an industry-unique opportunity to provide our client partners with a fully int
Interpublic Group (IPG)
Interpublic (NYSE: IPG) is a values-based, data-fueled, and creatively-driven provider of marketing solutions. Home to some of the world’s best-known and most innovative communications specialists, IPG global brands include Acxiom, Craft, FCB, FutureBrand, Golin, Initiative, IPG Health, IPG Mediabra
.png)
Jellyfish CyberSecurity News
October 31, 2025 07:00 AM
Goa scientists derive water-soluble, odourless collagen from jellyfish
Each year, particularly after the monsoon, fishermen across Goa report their nets returning nearly full of jellyfish—an occurrence...
August 24, 2025 07:00 AM
Swarm of 'massive and unpredictable' jellyfish shut down nuclear power plant
GRAVELINES, France (WKRC) - A swarm of jellyfish shut down a large nuclear power plant. The Guardian reported that the Gravelines nuclear...
August 12, 2025 07:00 AM
E&E News: Jellyfish invasion shuts down French nuclear reactors
ENERGYWIRE | A swarm of jellyfish that entered a cooling system paralyzed four reactors at the Gravelines nuclear power plant,...
March 11, 2025 07:00 AM
Wolf King Animated Series: Trailer, Release date, Voice cast, plot, & more
Based on Curtis Jobling's Wereworld novels, the series brings to life an epic adventure filled with shapeshifters, destiny, and power struggles.
December 03, 2024 08:00 AM
Scandinavian Beauty Brand Mantle Is Betting On Jellyfish Mucin As The Next Skincare Innovation
Scandinavian skincare company Mantle says jellyfish secretion is the next power-packed ingredient for hydration. Are dermatologists on board?
August 08, 2024 07:00 AM
Fake Jellyfish, Bans And Fines To Beware Of When Visiting European Beaches
Spain and Italy are fining holidaymakers hundreds of dollars for disobeying little-known rules regarding smoking, drinking alcohol and not covering your...
July 02, 2024 07:00 AM
4 Must-Know Facts About The Ocean’s Deadliest Animal (Hint: It’s Not A Shark)
Most people think the great white shark is the ocean predator they should fear the most. However, this type of jellyfish,...
March 23, 2024 07:00 AM
A Biologist Reveals The One Animal That Is Theoretically ‘Immortal’
Jellyfish are among the ocean's most incredible inhabitants. One unique species, through an astonishing biological process,...
July 11, 2023 07:00 AM
Portuguese man-of-wars spotted at multiple Rhode Island beaches
The Rhode Island Department of Environmental Management is warning beachgoers about Portuguese Man of War spottings at several Rhode Island...
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
Jellyfish CyberSecurity History Information
Official Website of Jellyfish
The official website of Jellyfish is http://www.jellyfish.com.
Jellyfish’s AI-Generated Cybersecurity Score
According to Rankiteo, Jellyfish’s AI-generated cybersecurity score is 770, reflecting their Fair security posture.
How many security badges does Jellyfish’ have ?
According to Rankiteo, Jellyfish currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does Jellyfish have SOC 2 Type 1 certification ?
According to Rankiteo, Jellyfish is not certified under SOC 2 Type 1.
Does Jellyfish have SOC 2 Type 2 certification ?
According to Rankiteo, Jellyfish does not hold a SOC 2 Type 2 certification.
Does Jellyfish comply with GDPR ?
According to Rankiteo, Jellyfish is not listed as GDPR compliant.
Does Jellyfish have PCI DSS certification ?
According to Rankiteo, Jellyfish does not currently maintain PCI DSS compliance.
Does Jellyfish comply with HIPAA ?
According to Rankiteo, Jellyfish is not compliant with HIPAA regulations.
Does Jellyfish have ISO 27001 certification ?
According to Rankiteo,Jellyfish is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of Jellyfish
Jellyfish operates primarily in the Advertising Services industry.
Number of Employees at Jellyfish
Jellyfish employs approximately 2,286 people worldwide.
Subsidiaries Owned by Jellyfish
Jellyfish presently has no subsidiaries across any sectors.
Jellyfish’s LinkedIn Followers
Jellyfish’s official LinkedIn profile has approximately 339,735 followers.
NAICS Classification of Jellyfish
Jellyfish is classified under the NAICS code 541613, which corresponds to Marketing Consulting Services.
Jellyfish’s Presence on Crunchbase
No, Jellyfish does not have a profile on Crunchbase.
Jellyfish’s Presence on LinkedIn
Yes, Jellyfish maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/jellyfishglobal.
Cybersecurity Incidents Involving Jellyfish
As of December 03, 2025, Rankiteo reports that Jellyfish has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
Jellyfish has an estimated 32,406 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at Jellyfish ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.
Incident Details
Can you provide details on each incident ?
Title: APT37 Zero-Day Supply Chain Attack via Internet Explorer Vulnerability
Description: APT37, a North Korea-linked cyber espionage group, launched a zero-day supply chain attack exploiting a vulnerability in Internet Explorer identified as CVE-2024-38178. They compromised a Korean online advertising agency which used an outdated IE-based WebView for ad content rendering. The agency's ad server was injected with malicious code, enabling APT37 to execute a zero-click attack on user systems through malicious ads, causing them to download malware without user interaction. The attack potentially allowed remote code execution and data exfiltration, causing significant security concerns for the affected company and its clients.
Type: Cyber Espionage
Attack Vector: Supply Chain AttackZero-Day Exploit
Vulnerability Exploited: CVE-2024-38178
Threat Actor: APT37
Motivation: Espionage
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
How does the company identify the attack vectors used in incidents ?
Identification of Attack Vectors: The company identifies the attack vectors used in incidents through Internet Explorer Vulnerability (CVE-2024-38178).
Impact of the Incidents
What was the impact of each incident ?
Incident : Cyber Espionage JEL000102124
Systems Affected: User SystemsAd Server
Which entities were affected by each incident ?
Incident : Cyber Espionage JEL000102124
Entity Type: Online Advertising Agency
Industry: Advertising
Location: Korea
Initial Access Broker
How did the initial access broker gain entry for each incident ?
Incident : Cyber Espionage JEL000102124
Entry Point: Internet Explorer Vulnerability (CVE-2024-38178)
Additional Questions
General Information
Who was the attacking group in the last incident ?
Last Attacking Group: The attacking group in the last incident was an APT37.
Impact of the Incidents
What was the most significant system affected in an incident ?
Most Significant System Affected: The most significant system affected in an incident was User SystemsAd Server.
Initial Access Broker
What was the most recent entry point used by an initial access broker ?
Most Recent Entry Point: The most recent entry point used by an initial access broker was an Internet Explorer Vulnerability (CVE-2024-38178).
.png)
Latest Global CVEs (Not Company-Specific)
Description
ImageMagick is free and open-source software used for editing and manipulating digital images. Prior to 7.1.2-9 and 6.9.13-34, there is a vulnerability in ImageMagick’s Magick++ layer that manifests when Options::fontFamily is invoked with an empty string. Clearing a font family calls RelinquishMagickMemory on _drawInfo->font, freeing the font string but leaving _drawInfo->font pointing to freed memory while _drawInfo->family is set to that (now-invalid) pointer. Any later cleanup or reuse of _drawInfo->font re-frees or dereferences dangling memory. DestroyDrawInfo and other setters (Options::font, Image::font) assume _drawInfo->font remains valid, so destruction or subsequent updates trigger crashes or heap corruption. This vulnerability is fixed in 7.1.2-9 and 6.9.13-34.
Risk Information
cvss3
Base: 4.9
Severity: HIGH
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
Description
FeehiCMS version 2.1.1 has a Remote Code Execution via Unrestricted File Upload in Ad Management. FeehiCMS version 2.1.1 allows authenticated remote attackers to upload files that the server later executes (or stores in an executable location) without sufficient validation, sanitization, or execution restrictions. An authenticated remote attacker can upload a crafted PHP file and cause the application or web server to execute it, resulting in remote code execution (RCE).
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Description
PHPGurukul Billing System 1.0 is vulnerable to SQL Injection in the admin/index.php endpoint. Specifically, the username parameter accepts unvalidated user input, which is then concatenated directly into a backend SQL query.
Risk Information
cvss3
Base: 6.5
Severity: LOW
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N
Description
NMIS/BioDose software V22.02 and previous versions contain executable binaries with plain text hard-coded passwords. These hard-coded passwords could allow unauthorized access to both the application and database.
Risk Information
cvss3
Base: 7.3
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:L
cvss4
Base: 8.4
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:L/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
NMIS/BioDose V22.02 and previous versions' installation directory paths by default have insecure file permissions, which in certain deployment scenarios can enable users on client workstations to modify the program executables and libraries.
Risk Information
cvss3
Base: 8.0
Severity: LOW
CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H
cvss4
Base: 7.1
Severity: LOW
CVSS:4.0/AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=jellyfishglobal' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
