SCC DIGITAL A.I CyberSecurity Scoring
28/03/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for SCC DIGITAL in 2026.
No incidents recorded for SCC DIGITAL in 2026.
No incidents recorded for SCC DIGITAL in 2026.
Meesho is India’s e-commerce marketplace, on a mission to democratise internet commerce. Our multi-sided technology platform connects four key stakeholders — consumers, sellers, logistics partners, and content creators — to power inclusive growth at scale. We enable individuals and small businesses to sell online with ease, offering access to a wide customer base, integrated logistics, payment solutions, and platform support. For customers, Meesho offers a broad and affordable selection, tailored for diverse needs across Bharat. We also empower creators to build commerce-driven content that drives discovery and engagement. Our logistics operations are powered by Valmo, Meesho’s asset-light logistics platform that works entirely through partner-led infrastructure to ensure cost-efficient and scalable deliveries.
As a leading internet technology company based in China, NetEase, Inc. (NASDAQ: NTES and HKEX:9999, "NetEase") provides premium online services centered around content creation. With extensive offerings across its expanding gaming ecosystem, NetEase develops and operates some of China's most popular and longest running mobile and PC games. Powered by industry-leading inhouse R&D capabilities in China and globally, NetEase creates superior gaming experiences, inspires players and passionately delivers value for its thriving community worldwide. Beyond games, NetEase service offerings include its majority-controlled subsidiaries Youdao (NYSE:DAO), China's leading technology-focused intelligent learning company, and Cloud Music (HKEX:9899), China's leading online music content community, as well as Yanxuan, NetEase's private label consumer lifestyle brand.
At Flipkart, we're driven by our purpose of empowering every Indian's dream by delivering value through innovation in technology and commerce. With a customer base of over 350 million, product coverage of over 150 million across 80+ categories, a focus on generating direct and indirect employment and a commitment to empowering generations of entrepreneurs and MSMEs, all driven by a sustainable growth strategy – Flipkart is maximising for customers, stakeholders, and the planet at large! At Flipkart, our promise to every Flipster is - getting an opportunity to leave a mark and create their own legacy, the freedom to experiment, learn and grow, work with the industry’s brightest minds as part of a diverse team and we will extend our culture of care to them to ensure that they can focus on doing their best work. Driven by audacity, bias for action, customer first, integrity and inclusion – Flipsters have pioneered solutions that have transformed digital commerce in India. From the industry-first introduction of cash-on-delivery in 2010 to the launch of voice search and multiple vernacular interfaces in 2021 that have made e-commerce a very inclusive experience, Flipkart continues the exciting journey of solving for the Indian customer. We understand that your own aspirations and journeys are unique. So you choose what you want to maximise, and we provide you the platform for it - because when you maximise, we maximise. Flipkart is a part of the Walmart-owned Flipkart Group, which also includes group companies Flipkart Wholesale, Flipkart Health+, Cleartrip, and Myntra. Get in touch with our experts for support with your orders here: https://www.flipkart.com/helpcentre
More people find jobs on Indeed than anywhere else. Indeed is the #1 job site in the world (Comscore, Total Visits, March 2024) and allows job seekers to search millions of jobs in more than 60 countries and 28 languages. Indeed has more than 580 million Job Seeker Profiles. Every day, job seekers use Indeed to search for jobs, post resumes, research companies and more. For more information, visit indeed.com. **Indeed data (worldwide), job seeker accounts that have a unique, verified email address.
YouTube is a team-oriented, creative workplace where every single employee has a voice in the choices we make and the features we implement. We work together in small teams to design, develop, and roll out key features and products in very short time frames. Which means something you write today could be seen by millions of viewers tomorrow. And even though we’re a part of Google and enjoy all of the corporate perks, it still feels like you’re working at a startup. YouTube is headquartered in San Bruno, California, 12 miles south of San Francisco. We also have many job openings in Mountain View, and across the globe
At eBay, we create pathways to connect millions of sellers and buyers in more than 190 markets around the world. Our technology empowers our customers, providing everyone the opportunity to grow and thrive — no matter who they are or where they are in the world. And the ripple effect of our work creates waves of change for our customers, our company, our communities and our planet.
We are a technology company that unlocks access to energy for the benefit of all. As innovators, that’s been our mission for nearly a century. Today, we face a global imperative to create a future with more energy, but less carbon. Our diverse, innovative change makers are focused on going further in innovation and inventing the new energy technologies we need to get there.
We're a global technology group focused on innovation and collaboration to create a better future for all. Since 1976, we've been pioneering new technologies and expanding our reach to more people and places. Today, we provide services to over 163 million customers across 16 countries in the Middle East, Asia, and Africa through our telecom brands under e& international and e& UAE. We're committed to driving the digital future to empower societies and help businesses and governments create a smarter, safer, and more sustainable world through all our business verticals including e& enterprise, e& life, and e& capital. Our goal is to empower people, communities, and societies worldwide to achieve more.
Nothing exists to make tech feel exciting again. We’re building a different kind of company, one that puts design, emotion, and human creativity at the heart of everything we do. From the way our products look to how they sound, feel, and function, we care about the details that make technology not just useful, but inspiring. This is a place for the curious. The creators. The ones who ask why not and mean it. If you're drawn to bold ideas, fast moves, and work that actually makes you feel something, you’ll fit right in. We're not here to follow the rules. We're here to make better ones. Founded in London in 2020, Nothing is a design-led tech company building an alternative to the industry giants. Our products, from award-winning smartphones to expressive audio and wearables, blend iconic design with intuitive engineering to put people and creativity back at the centre of consumer tech. Backed by GV (Google Ventures), EQT Ventures, C Ventures, and influential investors like Tony Fadell (iPod), Casey Neistat, and Kevin Lin (Twitch), we’ve grown from startup to global challenger in just a few years.
Latest updates, reports, and threat intel affecting the global network.
Indosat Ooredoo Hutchison (Indosat) has officially opened its Security Command Center (SCC) in Jakarta, marking a major advancement in the...
The launch of Indosat's Security Command Center, in collaboration with Cisco, strengthens Indonesia's cybersecurity posture.
An analysis of common cybercrimes in India with real cases, legal remedies, reporting mechanisms and preventive measures for victims.
BNS2023CyberAwarenesscybercrimeCyberLawIndiaCyberScamcybersecurityDigitalArrestIdentityTheftIndiaLegalUpdatesInternetSafetyITAct2000...
SCC Online is proud to announce the signing of a strategic Memorandum of Understanding (MoU) with the Data Security Council of India (DSCI).
Digital medical devices include for example continuous glucose monitoring systems, foot pressure feedback systems and insulin pumps.
Robert Vassoyan delves into his plans for the company and the tangible progress he aims to deliver within six months.
Telecommunications (Telecom Cyber Security) Amendment Rules, 2025, introduce mobile number validation platform, new compliance obligations...
Symbiosis Law School, Hyderabad renewed its MoU with DSCI's Cybersecurity Centre of Excellence to strengthen research and skill-building in...
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.