NWF A.I CyberSecurity Scoring
03/04/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for National Wildlife Federation in 2026.
No incidents recorded for National Wildlife Federation in 2026.
No incidents recorded for National Wildlife Federation in 2026.
Non-profit Organizations
Médecins Sans Frontières (MSF) is an international, independent, medical humanitarian organisation working to provide medical assistance to people affected by conflict, epidemics, disasters, or exclusion from healthcare. Since our founding in 1971, we’ve grown to a global movement delivering humanitarian assistance in over 70 countries. Thanks to our 7 million individual donors, our work remains impartial and independent. Read more about us on msf.org
IEEE is the world’s largest technical professional organization and is a public charity dedicated to advancing technological innovation and excellence for the benefit of humanity. IEEE and its members inspire a global community through its highly cited publications, conferences, technology standards, and professional and educational activities. IEEE is the trusted “voice” for engineering, computing and technology information around the globe. For information about the IEEE - visit http://www.ieee.org.
Casa de la Familia (CDLF) is a 501(c)(3) non-profit organization founded in 1996 by Clinical Psychologist Dr. Ana Nogales whose vision was to create an organization dedicated to ensuring long-lasting mental health success of children, youth, and families in response to psychological trauma. We provide our services at little to no cost to make mental health care more accessible. Our services include individual counseling, family counseling, group counseling, support groups, advocacy, crisis intervention, and outreach to Los Angeles, Riverside, San Bernardino, and Orange Counties. Our mission is to provide mental health services to children, adolescents, and adults in communities de-prioritized by the traditional mental health system, particularly those with a history of trauma. Our non-governmental organization offers therapy, support, and resources to those who need it most.
AIESEC develops leadership among youth aged 18 to 30 and contributes to strengthening the global employability market by providing an end-to-end international talent recruitment solution for Enterprises, NGOs, and Start-ups. AIESEC is the world's largest youth-run organization developing the leadership potential of young people. Present in 120+ countries and territories across 2600 universities, we provide students and recent graduates with life-changing experiences to intern or volunteer abroad within partner organizations. We partner with organizations ranging from Fortune 500 to local enterprises in developing and sourcing their global talent needs across our network. Through our programs in universities, we provide organizations with access to a global network of young talent who have the capabilities to make a positive impact. For the last seven decades, we have developed over one million leaders ranging from business, civil society, and world leaders, including one Nobel Peace Prize Laureate. Learn more about us at - http://partners.aiesec.org
The American Red Cross prevents and alleviates human suffering in the face of emergencies by mobilizing the power of volunteers and the generosity of donors. Each day, thousands of people – people just like you – provide compassionate care to those in need. Our network of generous donors, volunteers and employees share a mission of preventing and relieving suffering, here at home and around the world. We roll up our sleeves and donate time, money and blood. We learn or teach life-saving skills so our communities can be better prepared when the need arises. We do this every day because the Red Cross is needed - every day.
Save the Children Save the Children is the world's leading independent organisation for children. We work in around 120 countries. Our vision is to live in a world in which every child attains the right to survival, protection, development and participation. Last year Save the Children's programmes and campaigns reached more than 55 million children directly around the world, through our and our partners' work. We work to inspire breakthroughs in the way the world treats children and to achieve immediate and lasting change in their lives. Across all of our work, we pursue several core values: accountability, ambition, collaboration, creativity and integrity.
The International Rescue Committee responds to the world’s worst humanitarian crises and help people to survive, recover, and gain control of their future. Founded in 1933 at the request of Albert Einstein, the IRC offers lifesaving care and life-changing assistance to refugees and displaced people forced to flee from war or disaster. At work today in over 50+ countries and in 28 U.S. cities, the IRC restores safety, dignity and hope to millions who are uprooted and struggling to endure.
YMCA of the USA is the national resource office for the nation's YMCAs. Located in Chicago, IL, YMCA of the USA exists to serve YMCAs. To address the specific needs of communities, each YMCA is an independent organization, autonomous and separate from YMCA of the USA. They are required by the national constitution to pay annual dues, to refrain from discrimination and to support the YMCA mission. All other decisions are local choices, including programs offered, staffing and style of operation. Learn, Grow and Thrive with a Career at the Y Imagine going to work knowing that what you do each day positively affects the lives of the people in your community. Working at the Y, you'll discover more than a job-you'll enjoy a career with a future and the opportunity to make a lasting difference in the lives of those around you. Our staff members-of all ages and backgrounds and life experiences-enjoy the personal satisfaction that comes from nurturing the potential of youth and teens, improving the nation's health and well-being and providing support to our neighbors. The Y ensures that everyone has the opportunity to become healthier, more confident, connected and secure. Search for open positions at Ys across the U.S.: https://www.ymca.org/get-involved/careers/opportunities/open-positions
Every day, we help millions of people to make journeys across London: By Tube, bus, tram, car, bike – and more. People don’t associate us with journeys by river, on foot or via the air, but we help with that, too. Getting people to where they need to go has been our business for over 100 years, and it shows. We’re leaders in our field, and no other city’s transport system is quite as recognisable: Red buses, black taxis, Tube trains and roundels have become icons in their own right. Our main job is to keep the city moving, working and growing but to do that, we have to listen. Constant improvements across the network are fuelled by feedback and comments from customers, as well as work within communities, representative groups, businesses and other London transport stakeholders. But our progress also depends on technology and data. With the future at our fingertips, we’ve already used it to revolutionise travel payments (think Oyster and contactless payment cards), and improved travel information. Tech and data is essential, not just to our future, but to others’: third parties use our data to power apps and services vital to customer journeys. So what’s next? As well as continuing to deliver Mayor of London, Sadiq Khan’s strategy and commitments on transport, our programme of capital investments is still one of the largest. We launched the Elizabeth line, we’re modernising services and stations and making travel safer for all.
Latest updates, reports, and threat intel affecting the global network.
An Oregon federal judge has ordered tailored changes to hydropower dam operations in the Columbia River Basin to protect endangered salmon...
E&E NEWS PM | A new poll of registered voters across the West found that most oppose rolling back federal environmental laws — a top...
The Georgia Cyber Innovation & Training Center at Augusta University has announced the National Wild Turkey Federation (NWTF) as its newest...
GREENWIRE | Interior Secretary Doug Burgum has a new agenda for the National Park Service: more hunting and fishing.
The winner of the National Wildlife Federation's 2025 National Wildlife Photo Contest looks like something straight out of a movie.
California wildlife officials are now allowing mountain lions to be killed to protect endangered bighorn sheep, changing a nearly...
The EPA proposed Monday a revised definition of waters of the US, putting the second Trump administration's stamp on wetlands protections.
GREENWIRE | State officials and environmental groups are asking a federal judge to order the Trump administration to take emergency actions...
By supporting this initiative, McDonald's USA aims to help accelerate the implementation of regenerative grazing principles among US-based...
HedgeDoc is an open source, real-time collaborative markdown notes application. Prior to 1.11.0, the GitHub Gist export flow created an OAuth2 state value but only checked that it was present rather than validating it against the value expected for the user's session. Because the state was not properly validated, an attacker could forge a callback URL containing their own valid GitHub OAuth code. When processing the callback, HedgeDoc used the victim's logged-in session to select which note to export, but the attacker's authorization code to determine which GitHub account received it. As a result, a logged-in victim who clicked a crafted link could export their own private, protected, or limited note directly into a Gist controlled by the attacker. This issue has been fixed in version 1.11.0.
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, HedgeDoc was vulnerable to a YAML alias bomb due to unsafe processing of the note frontmatter. HedgeDoc parsed frontmatter with js-yaml.load (js-yaml v3) via @hedgedoc/meta-marked, which resolved YAML anchor aliases. A compact malicious payload could therefore expand into a huge object structure, consuming excessive CPU. This expansion ran on every request to the publish view (/s/<shortid>) and, when placed under the opengraph key, the editor view (/<noteId>). A ten-level alias bomb could block the single Node.js event loop for roughly 235 seconds per request, causing concurrent requests to hang or drop and rendering the instance unavailable (DoS). Because the note was stored in the database, the impact survived process restarts until the note was removed. toobusy-js did not reliably mitigate the worst cases, as the event loop was saturated before the middleware could respond. This issue was fixed in version 1.11.0.
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts. When building the extension hash (via extensions(), extensions_by_long_name(), extensions_by_oid(), or has_extension_oid()), the code passes OBJ_obj2txt()'s return value as the hash-key length; because that value is the OID's full text length rather than the bytes written to the fixed-size buffer (129 bytes), an OID whose text is longer than the 129-byte buffer causes a read past the allocation, exposing adjacent heap memory as the returned hash key. extensions_by_name() uses the static shortname path and is not affected.
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3_EXT_d2i(ext) returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth_att dereference its result without a NULL check. keyid_data also dereferences akid->keyid, which is NULL for an empty AKI SEQUENCE (DER 30 00) even when the parse succeeds. A caller invoking an affected helper on an extension from an untrusted certificate triggers a SIGSEGV that crashes the Perl process.
Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API (/system/buckets/api). The api() method in modules/System/Controller/Buckets.php sanitizes the bucket name with preg_replace('/[^a-zA-Z0-9-_\\.]/','', $bucket), which permits '..' and '../' sequences. The sanitized value is interpolated into a Flysystem path as uploads://buckets/{bucket}. Flysystem's WhitespacePathNormalizer resolves 'buckets/..' to the empty string (the uploads storage root) without raising PathTraversalDetected because the '..' has a preceding component to consume. An authenticated low-privileged user can send a crafted request with a '../' bucket name to list, upload, and delete files across all buckets, including those belonging to other users or roles
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.