Npm-inc- vs Ukg - Cyber Risk Comparison & Security Rating

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Comparison Overview

npm, Inc.

UKG

npm, Inc.

1999 Harrison St, Oakland, 94612, US

Last Update: 12/06/2026

View Profile

Between 0 and 549

http://npmjs.com

140/1000Critical

Over 10 million software developers worldwide use npm, Inc.’s open source software and web registry to discover, share, and reuse packages of code. Our users download over 800,000 packages more than 7 billion times per week, and registry downloads have grown by more tha...

NAICS:5112

NAICS Definition:Software Publishers

Employees:18

Subsidiaries:52

12-month incidents

Known data breaches

Attack type number

UKG

N/A

Last Update: 01/04/2026

View Profile

Between 650 and 699

http://ukg.com

663/1000Weak

UKG is the Workforce Operating Platform that puts workforce understanding to work. With the world's largest collection of workforce insights, and people-first AI, our ability to reveal unseen ways to build trust, amplify productivity, and empower talent, is unmatched. I...

NAICS:5112

NAICS Definition:Software Publishers

Employees:16,048

Subsidiaries:0

12-month incidents

Known data breaches

Attack type number

Compliance Ranges Comparison

Based On Specific Ai Models Category

npm, Inc.

ISO 27001Not verified

SOC2 Type 1Not verified

SOC2 Type 2Not verified

GDPRNot verified

PCI DSSNot verified

HIPAANot verified

UKG

ISO 27001Not verified

SOC2 Type 1Not verified

SOC2 Type 2Not verified

GDPRNot verified

PCI DSSNot verified

HIPAANot verified

Benchmark & Cyber Underwriting Signals

Incidents vs Software Development Industry Avg (This Year)

npm, Inc. has 1956.07% more incidents than the average of same-industry companies with at least one recorded incident.

Incidents

Incidents vs Software Development Industry Avg (This Year)

No incidents recorded for UKG in 2026.

Incidents

Incident History - npm, Inc. (X = Date, Y = Severity)

npm, Inc. cyber incidents detection timeline including parent company and subsidiaries.

R - Ransomware

C - Cyber Attack

D - Data Breach

V - Vulnerability

Incident History - UKG (X = Date, Y = Severity)

UKG cyber incidents detection timeline including parent company and subsidiaries.

R - Ransomware

C - Cyber Attack

D - Data Breach

V - Vulnerability

Notable Incidents

Last Cyber / HR Incidents / Global...

npm, Inc.

Incidents

🔒 Incident : Cyber Attack

MORNPMCOI1781267690

🔒 Incident : Cyber Attack

GITEXONPM1780604646

🔒 Incident : Cyber Attack

NPMPYPSOC1780388789

UKG

Incidents

🔒 Incident : Breach

UKG921072725

🔒 Incident : Ransomware

UKG550080525

🔒 Incident : Ransomware

UKG1770674656

FAQ

Between npm, Inc. company and UKG company, which one has the best AI Cybersecurity Score ?

Between npm, Inc. company and UKG company, which one has experienced more cyber incidents in the past ?

Between npm, Inc. company and UKG company, which one has experienced more cyber incidents this year ?

Between npm, Inc. company and UKG company, which one has experienced at least one ransomware attack ?

Between npm, Inc. company and UKG company, which one has experienced at least one data breach ?

Between npm, Inc. company and UKG company, which one has experienced at least one targeted cyberattack ?

Between npm, Inc. company and UKG company, which one has experienced at least one vulnerability ?

Between npm, Inc. company and UKG company, which one holds the most compliance certifications ?

Between npm, Inc. company and UKG company, which one holds the fewest compliance certifications ?

Between npm, Inc. company and UKG company, which one has the most subsidiaries ?

Between npm, Inc. company and UKG company, which one has the largest number of employees ?

Between npm, Inc. and UKG, which company holds both SOC 2 Type 1 certifications ?

Between npm, Inc. and UKG, which company holds both SOC 2 Type 2 certifications ?

Which company is ISO 27001 certified - npm, Inc. or UKG ?

Which company is PCI DSS compliant - npm, Inc. or UKG ?

Between npm, Inc. and UKG, which company complies with HIPAA regulations for healthcare data ?

Between npm, Inc. and UKG, which company complies with GDPR requirements ?

Latest Global CVEs

CVE-2026-6676

SUMMARY

Heap buffer out-of-bounds write vulnerability in Avira Antivirus engine when scanning a malformed POSIX tar archive may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.27.12.

PUBLISHED

Date2026-06-12

UPDATED

Date2026-06-12

RISK INFORMATION (Score: 7.8)

CVSS3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

IMPACT SCORE

5.9

EXPLOITABILITY

1.8

REFERENCES

https://www.gendigital.com/us/en/contact-us/security-advisories/

CVE-2026-12068

SUMMARY

Information disclosure vulnerability in Avira Password Manager when used with Mozilla Firefox may allow a remote attacker operating a cross-origin iframe to obtain credentials autofilled for the parent web page via incorrect autofill field selection. This issue affects Avira Password Manager when used with Mozilla Firefox on Windows, macOS, and Linux.

PUBLISHED

Date2026-06-12

UPDATED

Date2026-06-12

RISK INFORMATION (Score: 7.4)

CVSS3

Base Score: 7.4

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:N/A:N

IMPACT SCORE

EXPLOITABILITY

2.8

REFERENCES

https://www.gendigital.com/us/en/contact-us/security-advisories/

CVE-2025-9033

SUMMARY

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed PDF file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.76.

PUBLISHED

Date2026-06-12

UPDATED

Date2026-06-12

RISK INFORMATION (Score: 7.8)

CVSS3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

IMPACT SCORE

5.9

EXPLOITABILITY

1.8

REFERENCES

https://www.gendigital.com/us/en/contact-us/security-advisories/

CVE-2025-9032

SUMMARY

Heap buffer out-of-bounds read vulnerability in Avira Antivirus engine when scanning a malformed Windows PE file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.98.

PUBLISHED

Date2026-06-12

UPDATED

Date2026-06-12

RISK INFORMATION (Score: 7.8)

CVSS3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

IMPACT SCORE

5.9

EXPLOITABILITY

1.8

REFERENCES

https://www.gendigital.com/us/en/contact-us/security-advisories/

CVE-2025-14098

SUMMARY

Heap buffer out-of-bounds write vulnerability due to integer overflow in Avira Antivirus engine when scanning a malformed MS-DOS executable file may allow Local Execution of Code or Denial-of-Service of the antivirus engine process. This issue affects Avira Antivirus on Windows, macOS, and Linux for engine builds before 8.3.70.104.

PUBLISHED

Date2026-06-12

UPDATED

Date2026-06-12

RISK INFORMATION (Score: 7.8)

CVSS3

Base Score: 7.8

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

IMPACT SCORE

5.9

EXPLOITABILITY

1.8

REFERENCES

https://www.gendigital.com/us/en/contact-us/security-advisories/