What is the official website of Nona Source ?

The official website of Nona Source is http://www.nona-source.com.

What is Nona Source's cybersecurity risk score?

Nona Source has an AI-generated cybersecurity risk score of 760 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has Nona Source experienced?

According to Rankiteo, Nona Source currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has Nona Source been affected by any supply chain cyber incidents ?

According to Rankiteo, Nona Source has been affected by a supply chain cyber incident involving Salesforce, with the incident ID TIFLVMCHR1770865579.

Does Nona Source have SOC 2 Type 1 certification ?

According to Rankiteo, Nona Source is not certified under SOC 2 Type 1.

Does Nona Source have SOC 2 Type 2 certification ?

According to Rankiteo, Nona Source does not hold a SOC 2 Type 2 certification.

Does Nona Source comply with GDPR ?

According to Rankiteo, Nona Source is not listed as GDPR compliant.

Does Nona Source have PCI DSS certification ?

According to Rankiteo, Nona Source does not currently maintain PCI DSS compliance.

Does Nona Source comply with HIPAA ?

According to Rankiteo, Nona Source is not compliant with HIPAA regulations.

Does Nona Source have ISO 27001 certification ?

According to Rankiteo,Nona Source is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does Nona Source operate in ?

Nona Source operates primarily in the Retail Apparel and Fashion industry.

How many employees does Nona Source have ?

Nona Source employs approximately 29 people worldwide.

Does Nona Source own any subsidiaries ?

Nona Source presently has no subsidiaries across any sectors.

How many LinkedIn followers does Nona Source have ?

Nona Source's official LinkedIn profile has approximately 7,191 followers.

What is the NAICS classification code for Nona Source ?

Nona Source is classified under the NAICS code 448, which corresponds to Clothing and Clothing Accessories Stores.

Does Nona Source have a Crunchbase profile ?

No, Nona Source does not have a profile on Crunchbase.

Does Nona Source have a LinkedIn profile ?

Yes, Nona Source maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/nona-source.

How many cybersecurity incidents has Nona Source experienced ?

As of June 14, 2026, Rankiteo reports that Nona Source has experienced 2 cybersecurity incidents.

How many peer or competitor companies does Nona Source have ?

Nona Source has an estimated 5,041 peer or competitor companies worldwide.

What types of cybersecurity incidents has Nona Source faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

Nona Source

Boost Score +25 with badge (5 left)

760

/1000

Fair

785

/1000

Fair

Nona Source Vendor Cyber Rating & Cyber Score

nona-source.com

Add Your Compliance Badge

Nona Source is the first online resale platform which re-values deadstock fabrics from the most exclusive French Maisons de Couture. Designed for Creative Talents by materials’ sourcing experts from LVMH, Nona Source offers professionals from the Fashion and Design industries the opportunity to purchase exclusive materials at a competitive price, and in stock-service.

Nona Source A.I CyberSecurity Scoring

Scoring History

Nona Source

Nona Source CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

LVMH

Breach

2/2026

Salesforce

TIFLVMCHR177086...

Nona Source

Breach

7/2025

LVM852071225

Loading…

A.I.

Nona Source Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for Nona Source

Incidents vs Retail Apparel and Fashion Industry Avg (This Year)

No incidents recorded for Nona Source in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for Nona Source in 2026.

Incident Types Nona Source vs Retail Apparel and Fashion Industry Avg (This Year)

No incidents recorded for Nona Source in 2026.

Incident History - Nona Source (X = Date, Y = Severity)

Loading…

SUBSIDIARY

Nona Source Subsidiaries

Nona Source

Retail Apparel and Fashion

Website: http://www.nona-source.com

Company Size: 29

LVMHRetail Luxury Goods and Jewelry

Loading…

Nona Source Similar Companies

Aditya Birla Fashion and Retail Ltd.

abfrl.com

Aditya Birla Fashion and Retail Limited (ABFRL), part of the Aditya Birla Group, is India’s leading fashion powerhouse, offering a distinguished portfolio of renowned brands and retail formats, catering to multiple high-growth segments. As of March 31, 2025, the Company has presence across 1,167 stores spanning 7.3 Mn sq.ft. retail space. ABFRL’s portfolio includes Pantaloons, one of India’s most loved fashion destinations, and OWND!, a growing value retail format. The Company also operates The Collective, who commands a dominant position as one of the country’s most influential multi-brand luxury retailers, with exclusive long-term tie-ups with global fashion brands including Ralph Lauren, Hackett London, Ted Baker and Fred Perry. ABFRL has also partnered with Paris based Galeries Lafayette to introduce a high-end luxury destination in India. ABFRL is a market leader in branded ethnic wear, its portfolio includes Jaypore, Tasva and TCNS brands and it has forged strategic partnerships with India’s top designers such as Shantnu & Nikhil, Tarun Tahiliani, Sabyasachi, and House of Masaba. Recently, the Company further expanded its ethnic wear leadership with the integration of TCNS brands, home to leading women’s brands W, Aurelia, Wishful, Elleven and Folksong. To address the evolving preferences of digitally native consumers, ABFRL is also building a portfolio of new-age, digital-first fashion brands under its tech-led venture TMRW. This platform collaborates with emerging entrepreneurs to co-create scalable fashion businesses in India’s rapidly expanding fashion ecosystem.

Forever 21

cb forever21.com

Forever 21 continues to be a fashion industry leader with a mission to make the latest trends accessible to all. F21 persists on staying ahead of innovation and providing styles and fit that our customers love. While reinventing for now and beyond, we’re seeking passionate and creative new family members to join us on this adventure! F21 continues to operate E-commerce and 450 locations across the U.S. along with maintaining a strong brand DNA with consumers and within the fashion industry. In February 2020, Forever 21 came under new ownership made up of Simon Property Group, Brookfield Property Partners, and Authentic Brands Group. Under this new ownership F21 has the financial strength and long term view that will prepare us for the future, while continuing to set the same high standards as it always has. Join our team and learn the inner sanctum of the global fashion industry, while we build the new Forever 21! Forever 21 is operated by SPARC Group LLC. About SPARC Group LLC SPARC Group LLC offers operational and strategic expertise including retail and e-commerce management, sourcing, design and technology for leading global brands. SPARC Group is a joint venture between Simon Property Group, a preeminent retail real estate company and Authentic Brands Group, a global leader in brand development. In addition to Forever 21, SPARC Group brands include Aéropostale, Brooks Brothers, Nautica, Eddie Bauer, and Lucky Brand. SPARC Group LLC is an equal opportunity employer, and is committed to maintaining a workplace free from prohibited employment conduct, including discrimination or harassment on the basis of race, color, national origin, sex, age, religion, disability, genetic information, sexual orientation, gender identity or expression, marital status, domestic partner status, civil partnership, status as a covered veteran, status in the Uniformed Services of the United States, citizenship and any other characteristic protected by law.

Ralph Lauren

ralphlauren.com

Ralph Lauren Corporation (NYSE:RL) is a global leader in the design, marketing and distribution of luxury lifestyle products in five categories: apparel, footwear & accessories, home, fragrances and hospitality. For more than 50 years, Ralph Lauren has sought to inspire the dream of a better life through authenticity and timeless style. Its reputation and distinctive image have been developed across a wide range of products, brands, distribution channels and international markets. The Company’s brand names – which include Ralph Lauren, Ralph Lauren Collection, Ralph Lauren Purple Label, Polo Ralph Lauren, Double RL, Lauren Ralph Lauren, Polo Ralph Lauren Children and Chaps, among others – constitute one of the world’s most widely recognized families of consumer brands.

Saks Global

saksglobal.com

Saks Global is the largest multi-brand luxury retailer in the world, comprising Saks Fifth Avenue, Neiman Marcus, Bergdorf Goodman, Saks OFF 5TH, Last Call and Horchow. Its retail portfolio includes 70 full-line luxury locations, additional off-price locations and five distinct e-commerce experiences. With talented colleagues focused on delivering on our strategic vision, The Art of You, Saks Global is redefining luxury shopping by offering each customer a personalized experience that is unmistakably their own. By leveraging the most comprehensive luxury customer data platform in North America, cutting-edge technology, and strong partnerships with the world's most esteemed brands, Saks Global is shaping the future of luxury retail. Saks Global Properties & Investments includes Saks Fifth Avenue and Neiman Marcus flagship properties and represents nearly 13 million square feet of prime U.S. real estate holdings and investments in luxury markets. Interested in joining our world-class team of professionals? Visit https://careers.saksglobal.com/us/en to explore career opportunities across Saks Global.

HUGO BOSS

hugoboss.com

At HUGO BOSS, we firmly believe that the passion and dedication of our employees is the essence for the successful execution of our “CLAIM 5 TOUCHDOWN” growth strategy. A strong commitment to empowering people and teams is therefore firmly anchored in “CLAIM 5 TOUCHDOWN”. In this context, our HUGO BOSS values — entrepreneurial spirit, personal ownership, team mentality, simplicity & quality, and youthful spirit — play a key role. They form the guiding principle for day-to-day cooperation and are intended to foster a spirit of mutual trust. The aim is to create an environment that enables all employees to develop their individual talents and thus directly contribute to the success of “CLAIM 5 TOUCHDOWN”. On top of that, HUGO BOSS intends to continue positioning itself as one of the most attractive employers in the fashion industry. This, in turn, should enable us to attract the best talents in the sector.

Tapestry

tapestry.com

Our global house of brands unites the magic of Coach and Kate Spade New York. By intertwining different people and ideas, we push ourselves in our work and expand the bounds of possibility. Learn about our iconic brands: tapestry.com/our-brands We’ve grown by finding people dedicated to the dream all over the world. We hold ourselves to high standards in every material and process, and we embrace difference by design because diverse perspectives are at the heart of creativity. We find brilliance in the intersections—of beauty and function, of heritage and innovation, of accessibility and aspiration—which is how we bring together magic and logic in our craft. Find out about our people and employer priorities: tapestry.com/responsibility/our-people The result is that we stand taller together, elevating the best in our people and brands. We use our collective strengths to move our customers and empower our communities, to make the fashion industry sustainable, and to build a house that’s equitable, inclusive, and diverse. Individually, our brands are iconic. Together, we can stretch what’s possible. See our values and commitments to support our people, communities and planet: tapestry.com/responsibility __ Please Be Advised - Recruitment Scams: Tapestry and its brands will only reach out to interview, make an offer of employment or conduct onboarding activities for candidates who have applied through our careers site. If you find a job posting on a third-party job site, such as LinkedIn, please know that a legitimate posting will direct you to our careers site to apply. When interviewing for a position, the candidate experience will include live interaction, such as a video conference or phone call, with a Recruiter and/or company employee(s). Be aware of suspicious recruitment activity. If you think you are a victim of an employment scam, please visit the Federal Trade Commission website: https://www.consumer.ftc.gov/articles/0243-job-scams

J.Crew

jcrew.com

Since 1983, we’ve been designing pieces that feel both familiar and refreshingly new, crafted with unbeatable quality and distinctive point of view...it’s no wonder we’ve been in your closet for four decades and counting. Today, we continue to do the classics our way, inspiring not only how you shop but also how you express your personal style. Our commitment runs deeper than just making great clothes—we're proud of our role in getting you dressed with confidence, character and the unique style sensibility that makes us who we are.

Levi Strauss & Co.

cb levistrauss.com

You’re an original. So are we. We’re a company of people who like to forge our own path. We invented the blue jean in 1873, and we reinvented khaki pants in 1986. We pioneered labor and environmental guidelines in manufacturing. And we work to build sustainability into everything we do. We just might be the original startup. Our brands — Levi’s®, Dockers®, Beyond Yoga®, Denizen® and Signature by Levi Strauss & Co.™ — stand for freedom and self-expression around the world. And for more than 170 years, we’ve used the strength of our brands to lead with our values and make an outsized impact on the world. There’s plenty of room to make your mark here. We employ more than 15,000 people around the world, and this is a place where everyone contributes to the conversation. Levi Strauss & Co. is an equal opportunity employer and all qualified applicants will receive consideration for employment without regard to race, color, religion, gender, national origin, disability status, protected veteran status or any other characteristic protected by law.

Bata Group

cb bata.com

The Bata Group is one of the world's leading manufacturers and retailers of quality footwear. A global concern with more than 32,000 employees, 21 production facilities, over 5,300 stores in more than 70 countries across the globe, Bata has been providing the best shoes at the best prices, backed by unparalleled service, for 125+ years. Since its founding on September 21, 1894, by Thomas Bata, the company has consistently demonstrated its commitment to responsible and innovative business models in the belief that capital is not just money, buildings or technology, but, more importantly, people, knowledge and core values. This visionary approach has enabled the company to meet each new challenge with creativity and foresight, while earning the trust and confidence of customers, employees and the communities in which it does business. Today, Bata's pioneering decentralized production system, featuring semi-autonomous regional facilities guided by three regional business units, allows the company to quickly adapt to changes in the marketplace and seize potential growth opportunities. It also continues Bata's long tradition of being sensitive to cultural and national differences, and enables it to proudly function as a local company in every country it serves. Follow us on facebook.com/bata

Loading…

NEWS

Nona Source CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

April 27, 2021 07:00 AM

LVMH launches luxury deadstock resale site—making good on the fashion industry's past mistakes

The new online marketplace called Nona Source will re-sell fabrics and leathers that were once carefully selected by designers working at one of the many...

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-12175

SUMMARY

A vulnerability was detected in CodeAstro Student Attendance Management System 1.0. Impacted is an unknown function of the file /attendance-php/Admin/createStudents.php. Performing a manipulation of the argument admissionNumber results in sql injection. Remote exploitation of the attack is possible. The exploit is now public and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 4.7)

cvss2

Base Score: 5.8

Complexity: LOW

AV:N/AC:L/Au:M/C:P/I:P/A:P

cvss3

Base Score: 4.7

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:L/A:L

cvss4

Base Score: 2.0

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:H/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

3.4

Exploitability

1.2

REFERENCES

CVE-2026-12174

SUMMARY

A security vulnerability has been detected in D-Link DCS-935L 1.10.01. This issue affects the function snprintf of the file /web/cgi-bin/greece/rhea of the component HTTP Handler. Such manipulation of the argument data leads to format string. The attack may be launched remotely. The exploit has been disclosed publicly and may be used.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 8.8)

cvss2

Base Score: 9.0

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:C/A:C

cvss3

Base Score: 8.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 7.4

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

2.8

REFERENCES

CVE-2026-12183

SUMMARY

Nefteprodukttekhnika BUK TS-G Gas Station Automation System 2.9.1 through 2.10.2 on Linux contains an Improper Authentication vulnerability (CWE-287) in the system configuration module. The /php/ajax-login.php endpoint returns userid=1 (administrator) in response to any HTTP POST request that supplies arbitrary credentials (e.g., action=dologin&login=<any_value>&pwd=<any_value>), and subsequent privileged endpoints under /php/ajax-main.php and /modules/* do not validate a server-side session. A remote unauthenticated attacker can invoke any administrative action exposed by the configuration module, including reading and modifying user rules, fuel tank gauges, fuel dispensers, relays, cash registers, bank terminals, fuel cards, price and customer displays, cash collection, and pricing rules.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 9.8)

cvss3

Base Score: 9.8

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

cvss4

Base Score: 9.3

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X

Impact Score

5.9

Exploitability

3.9

REFERENCES

CVE-2026-6428

SUMMARY

SQL Injection in reports/catalogue_out.pl in Koha Community Koha through 22.11.37, 23.x, 24.x before 24.11.16, 25.05.x before 25.05.11, 25.11.x before 25.11.05, 26.05.x before 26.05.01, and 26.11.x before 26.11.00 allows an authenticated staff user with the Reports module flag to read arbitrary data from the Koha application database via the Filter URL parameter when the Criteria parameter matches /branchcode/. The vulnerable sink in sub calculate concatenates the unmodified Filter request parameter directly into a LIKE clause of the auxiliary $strsth2 statement and executes it via DBI without bound parameters: my $f = @$filters[0]; $f =~ s/\*/%/g; $strsth2 .= " AND $column LIKE '$f' "; This enables error-based SQL injection (e.g., via EXTRACTVALUE) and full read access to sensitive tables including borrowers (password hashes, 2FA secrets, PII), borrower_password_recovery, api_keys, and sessions. Proof of concept (error-based, single request): GET /cgi-bin/koha/reports/catalogue_out.pl?do_it=1&output=screen&Limit=10&Criteria=branchcode&Filter=x'+AND+EXTRACTVALUE(1,CONCAT(0x7e,VERSION(),0x7c,USER(),0x7c,DATABASE(),0x7e))--+- Cookie: CGISESSID=<LIBRARIAN_SESSION> The response body contains the DBI exception leaking the MariaDB version, database user, client IP, and database name, after which arbitrary data can be paged out using LIMIT n,1 / SUBSTRING(...). The vulnerable sink was introduced in commit 6bb77ae3e4 (2008-07-09); CVE-2015-4633 patched the same class in sibling files but did not generalise the fix to reports/catalogue_out.pl. Fixed in Koha 22.11.38, 24.11.16, 25.05.11, 25.11.05, 26.05.01, and 26.11.00 by replacing the raw concatenation with a parameterised placeholder.

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.6)

cvss2

Base Score: 7.5

Complexity: LOW

AV:N/AC:L/Au:S/C:C/I:N/A:P

cvss3

Base Score: 7.6

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L

cvss4

Base Score: 5.6

Complexity: LOW

CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:N/VC:H/VI:L/VA:L/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:Y/R:X/V:C/RE:X/U:Amber

Impact Score

4.7

Exploitability

2.8

REFERENCES

CVE-2026-5513

SUMMARY

The Online Scheduling and Appointment Booking System – Bookly plugin for WordPress is vulnerable to Stored Cross-Site Scripting via the 'bookly-customer-full-name' cookie in versions up to, and including, 27.2 due to insufficient input sanitization and output escaping. This makes it possible for unauthenticated attackers to inject arbitrary web scripts in pages that will execute whenever a user accesses an injected page. Exploitation requires 'Remember personal information in cookies' setting to be enabled (disabled by default).

Published

Date2026-06-13

Updated

Date2026-06-13

RISK INFORMATION (Score: 7.2)

cvss3

Base Score: 7.2

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N

Impact Score

2.7

Exploitability

3.9

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…