SS A.I CyberSecurity Scoring
04/01/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for Schindler, S.A. (Spain) in 2026.
No incidents recorded for Schindler, S.A. (Spain) in 2026.
No incidents recorded for Schindler, S.A. (Spain) in 2026.
Gestamp is a multinational specialized in the design, development and manufacture of highly engineered metal components for the main vehicle manufacturers. It develops products with an innovative design to produce lighter and safer vehicles, which offer lower energy consumption and a lower environmental impact. Its products cover the areas of BiW, chassis and mechanisms. Gestamp is present in 24 countries with 115 production plants, 13 R&D centers and a workforce of more than 43,000 employees worldwide.
Bridgestone Americas, Inc. (BSAM), headquartered in Nashville, Tennessee, and Bridgestone Europe, Middle East and Africa (BSEMEA), headquartered in Brussels, Belgium, operate collectively as a “Bridgestone West” strategic region. This region services the strategic business needs of teams across the Americas, Europe, Middle East and Africa. BSAM and BSEMEA are subsidiaries of Bridgestone Corporation, globally headquartered in Japan. Bridgestone and its subsidiaries develop, manufactures and markets a diverse portfolio of original equipment and replacement tires, tire-centric solutions, mobility solutions and other rubber-associated and diversified products that deliver social and customer value. These best-in-class offerings are sold to consumers and fleet customers around the world under the trusted Bridgestone and Firestone brand names. With more than 50 production facilities and 55,000 employees, the Bridgestone Americas (BSAM) enterprise spans from Canada to Argentina. Business units of Bridgestone Americas include Bridgestone Retail Operations, the world’s largest network of company-owned retail tire and automotive service centers; Bandag, a leader in commercial tire retreading worldwide and Firestone Industrial Products, a leading provider of technologically advanced air springs for commercial and passenger vehicle applications. At Bridgestone, you are Free to Be We believe people can only provide superior service and quality to others when they bring their whole self to work. We believe in championing all perspectives, individuals and teams because we understand the importance of seeing the world and our business through many different lenses. We are building a team as diverse as the world we serve. So, show us what you are made of, because who you are is what we need. To view our terms of use, visit https://www.bridgestoneamericas.com/en/terms-of-use.
Established in 1995, BYD is a top high-tech enterprise in China specializing in IT, automobile, and new energy.BYD is the largest supplier of rechargeable batteries in the globe, and has the largest market share for Nickel-cadmium batteries, handset Li-ion batteries, cell-phone chargers and keypads worldwide. It also has the second largest market share for cell-phone shells in the globe. BYD Auto becomes the most innovative independent national auto brand and leads the field of electric vehicles with unique technologies. In the field of new energy, BYD has developed green products such as solar farm, battery energy storage station, electric vehicle, and LED, etc. It will continue to lead the new energy revolution in the world!
As a global product leader for over 130 years, we deliver innovative and sustainable mobility solutions. Guided by our commitment to inclusion, integrity, excellence, responsibility and collaboration—and our pledge to reach carbon neutrality by 2035—we’re leading the automotive industry to a future that is cleaner, healthier and safer for all. Start your future with BorgWarner now! We are looking for dedicated, talented people to fill our manufacturing and technical facilities all over the world. For more information, please visit: https://bit.ly/WorkAtBorgWarner For legal and data protection inquiries please visit: https://www.borgwarner.com/legal Career Scam Disclaimer BorgWarner makes no representations or guarantees regarding employment opportunities listed on any third-party website. To protect against career scams, job applicants should take the necessary precautions when interviewing for and accepting employment positions allegedly offered by BorgWarner. Applicants should never provide their Social Security numbers, birth dates, credit card numbers, bank account information or other private information when communicating with prospective employers or responding to employment opportunities online. Job applicants are invited to contact BorgWarner through BorgWarner’s website to verify the authenticity of any employment opportunities.
The oldest motorcycle brand in continuous production, Royal Enfield made its first motorcycle in 1901. A division of Eicher Motors Limited, Royal Enfield has created the mid-sized motorcycle segment in India with its unique and distinctive modern classic bikes. Royal Enfield operates in 60+ countries across the world with more than 3000 retail touch points globally, 5 CKD units (Argentina, Brazil, Colombia, Nepal, & Thailand), 3 state-of-the-art manufacturing facilities based out of Chennai, India and two technical centers - in India and in the UK. Watch Royal Enfield's incredible journey here - https://youtu.be/UvR57lwJptk
Ferrari's story officially began in 1947 when its first road car, the 125 S, emerged from the gate of no. 4 Via Abetone Inferiore in Maranello. The iconic two-seater went on to win the Rome Grand Prix later that year and shortly thereafter was developed into a refined GT roadster. The company has travelled a long way since then, but its mission has remained unaltered: to make unique sports cars that represent the finest in Italian design and craftsmanship, both on the track and on the road. The very definition of excellence and sportiness, Ferrari needs no introduction. Its principal calling card is the numerous Formula One titles it has won: a total of 16 constructors’ championships and 15 drivers’ championships. And of course, there is the impressive lineup of legendary GT models. Cars that are unique for their design, technology and luxurious styling and that represent the best in Italian the world over.
Our mission is clear: to become a lifelong mobility partner for our customers and communities by creating meaningful progress through clean energy, connected technology, and human-centered innovation. Hyundai Motor Company is a global mobility leader committed to shaping a better future. With more than 120,000 employees across 200+ countries, we are redefining the way the world moves, not just through innovation in automotive design, but through bold investments in smart mobility, sustainability, and technology. Each year, we bring over 4.6 million vehicles to drivers around the globe – from award-winning sedans to cutting-edge electric and hydrogen-powered solutions.
Honda Cars India Ltd. (HCIL), a leading manufacturer of premium cars in India, was established in December 1995 with a commitment to provide Honda’s passenger car models and technologies, to the Indian customers. HCIL’s corporate office is based in Greater Noida, UP and its state-of-the-art manufacturing facility is located at Tapukara, District. Alwar, Rajasthan. Honda’s models are strongly associated with advanced design and technology, apart from their established qualities of durability, reliability, safety, and fuel-efficiency. The company has a strong sales and distribution network spread across the country. Besides the new car business, Honda offers one stop solution for buying and selling pre-owned cars through its business function Honda Auto Terrace. The Honda Certified Pre-owned cars come with an assurance of quality and peace of mind that caters to the diverse and burgeoning needs of pre-owned car buyers across the country.
We see a future where everyone can live and move without limitations. That’s why we are developing technologies, systems and concepts that make vehicles safer and cleaner, while serving our communities, the planet and, above all, people. Forward. For all. Our common shares trade on the Toronto Stock Exchange (MG) and the New York Stock Exchange (MGA). For further information about Magna, visit www.magna.com.
Latest updates, reports, and threat intel affecting the global network.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.