APSSS A.I CyberSecurity Scoring
20/04/2026
Access Monitoring Plan
Access Monitoring Plan
ALBANIAN POST S.A./POSTA SHQIPTARE SH.A has 75.0% fewer incidents than the average of same-industry companies with at least one recorded incident.
ALBANIAN POST S.A./POSTA SHQIPTARE SH.A has 4.76% fewer incidents than the average of all companies with at least one recorded incident.
ALBANIAN POST S.A./POSTA SHQIPTARE SH.A reported 1 incidents this year: 1 cyber attacks, 0 ransomware, 0 vulnerabilities, 0 data breaches, compared to industry peers with at least 1 incident.
Freight and Package Transportation
BNSF Railway operates one of the largest railroad networks in North America, with about 32,500 route miles in 28 states and three Canadian provinces. The railway is among the world's top transporters of intermodal traffic, serves more grain-producing regions than any other railroad, and transports the components of many of the products we depend on daily. BNSF Railway is an Equal Opportunity Employer Minorities/Women/Veterans/Disabled. On Feb. 12, 2010, Burlington Northern Santa Fe Corporation was acquired by Berkshire Hathaway Inc. (NYSE: BRK)
As the country's postal service and leading ecommerce delivery company, we’re committed to serving Canadians and Canadian businesses, working for the greener good, and delivering a stronger Canada. We are the only delivery organization with the network and commitment to serve all of the more than 17 million addresses across Canada. We operate the largest retail network in Canada, with almost 5,900 post offices in every corner of the country. Our nearly 68,000 employees connect us with Canadians and are proud to serve the communities where they live and work. Canadians are at the heart of everything we do. We are dedicated to meeting their rapidly evolving needs and expectations. Our purpose, A Stronger Canada – Delivered, is anchored in our commitment to provide a service all Canadians can count on; demonstrate environmental and social leadership; and create a safe and welcoming workplace for all employees. En tant que service postal et chef de file de la livraison des colis du cybercommerce au pays, nous sommes déterminés à servir la population et les entreprises d’ici, et à être porteurs d’un Canada plus fort et plus vert. Grâce à notre réseau de livraison inégalé, nous avons la responsabilité de servir plus de 17 millions d’adresses d’un océan à l’autre. Avec près de 5 900 bureaux de poste, nous exploitons le plus vaste réseau de vente au détail au pays. Nos gens – quelque 68 000 employées et employés – servent fièrement les collectivités où ils vivent et travaillent, et nous relient à la population. Les Canadiennes et les Canadiens sont au cœur de tout ce que nous faisons, et nous mettons tout en œuvre pour répondre à leurs besoins et à leurs attentes qui évoluent rapidement. Notre raison d’être, Porteurs d’un Canada plus fort, repose sur notre volonté d’offrir un service sur lequel tout le monde peut compter, de faire preuve de leadership en matière d’environnement et de responsabilité sociale, et de créer un milieu de travail sécuritaire et accueillant.
FedEx connects people and possibilities through our worldwide portfolio of shipping, transportation, e-commerce and digital supply chain services. For decades, we’ve been innovating to deliver more for you. Strengthening supply chains with our global network. Simplifying logistics. Enhancing tracking and visibility. And using data from every journey to make your experience better. Our people are the foundation of our success, and FedEx has consistently ranked among the world’s most admired and trusted employers. We inspire our global workforce of more than 575,000 team members to remain absolutely, positively focused on safety, the highest ethical and professional standards, and the needs of their customers and communities. Day one: 186 deliveries. Today: About 14.5 million.
Latest updates, reports, and threat intel affecting the global network.
HedgeDoc is an open source, real-time collaborative markdown notes application. Prior to 1.11.0, the GitHub Gist export flow created an OAuth2 state value but only checked that it was present rather than validating it against the value expected for the user's session. Because the state was not properly validated, an attacker could forge a callback URL containing their own valid GitHub OAuth code. When processing the callback, HedgeDoc used the victim's logged-in session to select which note to export, but the attacker's authorization code to determine which GitHub account received it. As a result, a logged-in victim who clicked a crafted link could export their own private, protected, or limited note directly into a Gist controlled by the attacker. This issue has been fixed in version 1.11.0.
HedgeDoc is an open source, real-time, collaborative, markdown notes application. Prior to version 1.11.0, HedgeDoc was vulnerable to a YAML alias bomb due to unsafe processing of the note frontmatter. HedgeDoc parsed frontmatter with js-yaml.load (js-yaml v3) via @hedgedoc/meta-marked, which resolved YAML anchor aliases. A compact malicious payload could therefore expand into a huge object structure, consuming excessive CPU. This expansion ran on every request to the publish view (/s/<shortid>) and, when placed under the opengraph key, the editor view (/<noteId>). A ten-level alias bomb could block the single Node.js event loop for roughly 235 seconds per request, causing concurrent requests to hang or drop and rendering the instance unavailable (DoS). Because the note was stored in the database, the impact survived process restarts until the note was removed. toobusy-js did not reliably mitigate the worst cases, as the event loop was saturated before the middleware could respond. This issue was fixed in version 1.11.0.
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow a heap out-of-bounds read via a long certificate extension OID in hv_exts. When building the extension hash (via extensions(), extensions_by_long_name(), extensions_by_oid(), or has_extension_oid()), the code passes OBJ_obj2txt()'s return value as the hash-key length; because that value is the OID's full text length rather than the bytes written to the fixed-size buffer (129 bytes), an OID whose text is longer than the 129-byte buffer causes a read past the allocation, exposing adjacent heap memory as the returned hash key. extensions_by_name() uses the static shortname path and is not affected.
Crypt::OpenSSL::X509 versions before 2.1.3 for Perl allow denial of service via NULL pointer dereference. X509V3_EXT_d2i(ext) returns NULL when an extension's DER value fails to parse. basicC, ia5string, and auth_att dereference its result without a NULL check. keyid_data also dereferences akid->keyid, which is NULL for an empty AKI SEQUENCE (DER 30 00) even when the parse succeeds. A caller invoking an affected helper on an extension from an untrusted certificate triggers a SIGSEGV that crashes the Perl process.
Cockpit CMS contains a path traversal vulnerability in the Bucket file storage API (/system/buckets/api). The api() method in modules/System/Controller/Buckets.php sanitizes the bucket name with preg_replace('/[^a-zA-Z0-9-_\\.]/','', $bucket), which permits '..' and '../' sequences. The sanitized value is interpolated into a Flysystem path as uploads://buckets/{bucket}. Flysystem's WhitespacePathNormalizer resolves 'buckets/..' to the empty string (the uploads storage root) without raising PathTraversalDetected because the '..' has a preceding component to consume. An authenticated low-privileged user can send a crafted request with a '../' bucket name to list, upload, and delete files across all buckets, including those belonging to other users or roles
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.