Since joining with AHEAD + RoundTower, we will continue under the unified company name, AHEAD.
A Neo é uma empresa brasileira, fundada em 2017 e com atuação em todo o território nacional. Especialista em Customer Experience, tecnologia e na criação de produtos digitais, a Neo conta com um time de mais de 10 mil colaboradores em 5 unidades operacionais e uma sede administrativa, distribuídas entre os estados de São Paulo e Rio de Janeiro. Com muita paixão e criatividade, entregamos soluções customizadas para nossos clientes e entendemos cada projeto como único, levando produtos inovadores e disruptivos para o alcance da máxima eficiência. Crescendo de maneira exponencial, a Neo oferece, por meio de sua marca digital hypeone, as soluções mais inovadoras do mercado. Seus profissionais têm um olhar voltado à Engenharia, Inteligência Artificial, Analytics, Automação e UX & UI. Atendemos as 65 maiores empresas do Brasil, levando a cada uma delas soluções e serviços personalizados, exclusivos e estrategicamente desenhados para atender às suas necessidades.
Security & Compliance Standards Overview
No incidents recorded for Kovarus an AHEAD Company in 2025.
No incidents recorded for Neobpo in 2025.
Kovarus an AHEAD Company cyber incidents detection timeline including parent company and subsidiaries
Neobpo cyber incidents detection timeline including parent company and subsidiaries
Last 3 Security & Risk Events by Company
The Bold Page Builder plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the ‘percentage’ parameter in all versions up to, and including, 5.4.5 due to insufficient input sanitization and output escaping. This makes it possible for authenticated attackers, with Contributor-level access and above, to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page.
The ComboServlet in Liferay Portal 7.4.0 through 7.4.3.111, and older unsupported versions, and Liferay DXP 2023.Q4.0 through 2023.Q4.2, 2023.Q3.1 through 2023.Q3.5, 7.4 GA through update 92, 7.3 GA through update 35, and older unsupported versions does not limit the number or size of the files it will combine, which allows remote attackers to create very large responses that lead to a denial of service attack via the URL query string.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and create arbitrary directories on the target machine.
A relative path traversal vulnerability was discovered in Productivity Suite software version 4.4.1.19. The vulnerability allows an unauthenticated remote attacker to interact with the ProductivityService PLC simulator and delete arbitrary files on the target machine.
