The Fly
Company Details
Linkedin ID:
theflynews
Website:
Employees number:
65
Number of followers:
643
NAICS:
None
Industry Type:
Homepage:
thefly.com
IP Addresses:
0
Company ID:
THE_2543448
Scan Status:
In-progress
The Fly Company CyberSecurity Posture
thefly.com
The Fly is a leading digital publisher of real-time financial news. Our mission is simple, but not easy: report and explain the news impacting publicly traded companies. Our exclusive live streaming subscription service breaks the material information moving stocks. If you need to know why a stock is moving, you need The Fly. Our financial market experts understand that news impacting stock prices can originate from anywhere, at anytime. The Fly team scours all sources of company news, from mainstream to cutting-edge, then filters out the noise to deliver short-form stories consisting of only market moving content. Analyst research notes, company press releases, SEC filings, newspapers, blogs, social media and trading desk sources are among the many areas monitored by our experts. The Fly is your filter to the often complex world of stock news. The Fly was founded in 1998 and is headquartered in Summit, New Jersey, with additional offices in New York and Argentina.
The Fly A.I CyberSecurity Scoring
The Fly Risk Score (AI oriented)Between 750 and 799
The Fly
Updated:
- Powered by our proprietary A.I cyber incident model
- Insurance preferes TPRM score to calculate premium
The Fly Global Score (TPRM)XXXX
The Fly
- Instant access to detailed risk factors
- Benchmark vs. industry & size peers
- Vulnerabilities
- Findings
The Fly Company CyberSecurity News & History
Past Incidents
1
Attack Types
1
The Fly
Vulnerability
Rankiteo Explanation
Attack threatening the organization's existence
Description: The breached data contains clear text credit card numbers along with the associated names, addresses and expiry of over 27,000 of its users from 2006-2015. The leak in total contains over 100,000 user accounts About 27,000 of them have links to credit card details which are stored in complete clear text.
The Fly Company Scoring based on AI Models
Cyber Incidents Likelihood 3 - 6 - 9 months
A.I Risk Score Likelihood 3 - 6 - 9 months
Underwriter Stats for The Fly
Incidents vs Online Media Industry Average (This Year)
No incidents recorded for The Fly in 2025.
Incidents vs All-Companies Average (This Year)
No incidents recorded for The Fly in 2025.
Incident Types The Fly vs Online Media Industry Avg (This Year)
No incidents recorded for The Fly in 2025.
Incident History — The Fly (X = Date, Y = Severity)
The Fly cyber incidents detection timeline including parent company and subsidiaries
The Fly Company Subsidiaries
The Fly is a leading digital publisher of real-time financial news. Our mission is simple, but not easy: report and explain the news impacting publicly traded companies. Our exclusive live streaming subscription service breaks the material information moving stocks. If you need to know why a stock is moving, you need The Fly. Our financial market experts understand that news impacting stock prices can originate from anywhere, at anytime. The Fly team scours all sources of company news, from mainstream to cutting-edge, then filters out the noise to deliver short-form stories consisting of only market moving content. Analyst research notes, company press releases, SEC filings, newspapers, blogs, social media and trading desk sources are among the many areas monitored by our experts. The Fly is your filter to the often complex world of stock news. The Fly was founded in 1998 and is headquartered in Summit, New Jersey, with additional offices in New York and Argentina.
Loading...
The Fly Similar Companies
Dow Jones
Dow Jones is a global provider of news and business information, delivering content to consumers and organizations around the world across multiple formats, including print, digital, mobile and live events. Dow Jones has produced unrivaled quality content for more than 130 years and today has one of
.png)
The Fly CyberSecurity News
November 23, 2025 08:00 PM
Commercial space flight, cybersecurity industry leaders hope to prompt government investment
Several San Antonio business leaders are calling for more government investment in local aerospace and cybersecurity.
November 07, 2025 12:30 PM
Google Sounds the Alarm: AI-Driven Malware Can Now Evade Detection and Adapt on the Fly
Google's latest threat report reveals hackers are no longer just experimenting with AI—they're weaponizing it.
October 21, 2025 07:00 AM
Real-time Audio Deepfakes Have Arrived
Advanced audio deepfake tools now allow real-time voice cloning, making it harder to trust phone conversations and increasing phishing...
October 16, 2025 07:00 AM
AISLE Emerges From Stealth With AI-Based Reasoning System to Remediate Vulnerabilities on the Fly
AISLE aims to automate the vulnerability remediation process by detecting, exploiting, and patching software vulnerabilities in real time.
October 09, 2025 07:00 AM
New Mid-Flight Defense Mechanism Enables Drones to Fly Through Cyber Attacks
New Mid-Flight Defense Mechanism Enables Drones to Fly Through Cyber Attacks ... A team from Florida International University (FIU) has figured...
October 08, 2025 07:00 AM
Hacker No Fly Zone: FAA and TSA Propose Cybersecurity Rules for Drone Ecosystem
The rule would require manufacturers to ensure that UAS equipment, systems, and networks are protected from “Intentional Unauthorized Electronic...
October 03, 2025 07:00 AM
Government flying partially blind to threats after key cyber law expires
The law offered legal protections for groups to share cyber threat intel with the federal government.
September 28, 2025 07:00 AM
Cyber Incidents Take Off: Europe’s Airports Join a Growing List
From water systems to the electric grid, critical infrastructure has been under threat for decades. But 2025 cyber attacks against airports...
September 25, 2025 07:00 AM
MD Fighter Jets Deactivated, Airmen Transition To Cybersecurity
Fighter jets will no longer fly out of Martin State Airport in Middle River. The MD National Guard unit will transition to cybersecurity.
Frequently Asked Questions
Explore insights on cybersecurity incidents, risk posture, and Rankiteo's assessments.
The Fly CyberSecurity History Information
Official Website of The Fly
The official website of The Fly is http://www.thefly.com.
The Fly’s AI-Generated Cybersecurity Score
According to Rankiteo, The Fly’s AI-generated cybersecurity score is 755, reflecting their Fair security posture.
How many security badges does The Fly’ have ?
According to Rankiteo, The Fly currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.
Does The Fly have SOC 2 Type 1 certification ?
According to Rankiteo, The Fly is not certified under SOC 2 Type 1.
Does The Fly have SOC 2 Type 2 certification ?
According to Rankiteo, The Fly does not hold a SOC 2 Type 2 certification.
Does The Fly comply with GDPR ?
According to Rankiteo, The Fly is not listed as GDPR compliant.
Does The Fly have PCI DSS certification ?
According to Rankiteo, The Fly does not currently maintain PCI DSS compliance.
Does The Fly comply with HIPAA ?
According to Rankiteo, The Fly is not compliant with HIPAA regulations.
Does The Fly have ISO 27001 certification ?
According to Rankiteo,The Fly is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.
Industry Classification of The Fly
The Fly operates primarily in the Online Media industry.
Number of Employees at The Fly
The Fly employs approximately 65 people worldwide.
Subsidiaries Owned by The Fly
The Fly presently has no subsidiaries across any sectors.
The Fly’s LinkedIn Followers
The Fly’s official LinkedIn profile has approximately 643 followers.
NAICS Classification of The Fly
The Fly is classified under the NAICS code None, which corresponds to Others.
The Fly’s Presence on Crunchbase
No, The Fly does not have a profile on Crunchbase.
The Fly’s Presence on LinkedIn
Yes, The Fly maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/theflynews.
Cybersecurity Incidents Involving The Fly
As of December 02, 2025, Rankiteo reports that The Fly has experienced 1 cybersecurity incidents.
Number of Peer and Competitor Companies
The Fly has an estimated 500 peer or competitor companies worldwide.
What types of cybersecurity incidents have occurred at The Fly ?
Incident Types: The types of cybersecurity incidents that have occurred include Vulnerability.
Incident Details
Can you provide details on each incident ?
Title: Data Breach Exposing Credit Card Information
Description: The breached data contains clear text credit card numbers along with the associated names, addresses and expiry of over 27,000 of its users from 2006-2015. The leak in total contains over 100,000 user accounts. About 27,000 of them have links to credit card details which are stored in complete clear text.
Type: Data Breach
What are the most common types of attacks the company has faced ?
Common Attack Types: The most common types of attacks the company has faced is Vulnerability.
Impact of the Incidents
What was the impact of each incident ?
Incident : Data Breach THE2322622
Data Compromised: Credit card numbers, Names, Addresses, Expiry dates
Payment Information Risk: True
What types of data are most commonly compromised in incidents ?
Commonly Compromised Data Types: The types of data most commonly compromised in incidents are Credit Card Numbers, Names, Addresses, Expiry Dates and .
Which entities were affected by each incident ?
Incident : Data Breach THE2322622
Customers Affected: 100000
Data Breach Information
What type of data was compromised in each breach ?
Incident : Data Breach THE2322622
Type of Data Compromised: Credit card numbers, Names, Addresses, Expiry dates
Number of Records Exposed: 100000
Sensitivity of Data: High
Additional Questions
Impact of the Incidents
What was the most significant data compromised in an incident ?
Most Significant Data Compromised: The most significant data compromised in an incident were Credit card numbers, Names, Addresses, Expiry dates and .
Data Breach Information
What was the most sensitive data compromised in a breach ?
Most Sensitive Data Compromised: The most sensitive data compromised in a breach were Credit card numbers, Expiry dates, Addresses and Names.
What was the number of records exposed in the most significant breach ?
Number of Records Exposed in Most Significant Breach: The number of records exposed in the most significant breach was 100.0.
.png)
Latest Global CVEs (Not Company-Specific)
Description
vLLM is an inference and serving engine for large language models (LLMs). Prior to 0.11.1, vllm has a critical remote code execution vector in a config class named Nemotron_Nano_VL_Config. When vllm loads a model config that contains an auto_map entry, the config class resolves that mapping with get_class_from_dynamic_module(...) and immediately instantiates the returned class. This fetches and executes Python from the remote repository referenced in the auto_map string. Crucially, this happens even when the caller explicitly sets trust_remote_code=False in vllm.transformers_utils.config.get_config. In practice, an attacker can publish a benign-looking frontend repo whose config.json points via auto_map to a separate malicious backend repo; loading the frontend will silently run the backend’s code on the victim host. This vulnerability is fixed in 0.11.1.
Risk Information
cvss3
Base: 7.1
Severity: HIGH
CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
Description
fastify-reply-from is a Fastify plugin to forward the current HTTP request to another server. Prior to 12.5.0, by crafting a malicious URL, an attacker could access routes that are not allowed, even though the reply.from is defined for specific routes in @fastify/reply-from. This vulnerability is fixed in 12.5.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Angular is a development platform for building mobile and desktop web applications using TypeScript/JavaScript and other languages. Prior to 21.0.2, 20.3.15, and 19.2.17, A Stored Cross-Site Scripting (XSS) vulnerability has been identified in the Angular Template Compiler. It occurs because the compiler's internal security schema is incomplete, allowing attackers to bypass Angular's built-in security sanitization. Specifically, the schema fails to classify certain URL-holding attributes (e.g., those that could contain javascript: URLs) as requiring strict URL security, enabling the injection of malicious scripts. This vulnerability is fixed in 21.0.2, 20.3.15, and 19.2.17.
Risk Information
cvss4
Base: 8.5
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:A/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Gin-vue-admin is a backstage management system based on vue and gin. In 2.8.6 and earlier, attackers can delete any file on the server at will, causing damage or unavailability of server resources. Attackers can control the 'FileMd5' parameter to delete any file and folder.
Risk Information
cvss4
Base: 8.7
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:H/VA:N/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Description
Portkey.ai Gateway is a blazing fast AI Gateway with integrated guardrails. Prior to 1.14.0, the gateway determined the destination baseURL by prioritizing the value in the x-portkey-custom-host request header. The proxy route then appends the client-specified path to perform an external fetch. This can be maliciously used by users for SSRF attacks. This vulnerability is fixed in 1.14.0.
Risk Information
cvss4
Base: 6.9
Severity: LOW
CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:N/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Access Data Using Our API
Get company history
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?linkedin_id=theflynews' -H 'apikey: YOUR_API_KEY_HERE'
RapidWhat Do We Measure ?
Incident
Finding
Grade
Digital Assets
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
These are some of the factors we use to calculate the overall score:
Network Security
Identify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.
SBOM (Software Bill of Materials)
Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.
CMDB (Configuration Management Database)
Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.
Threat Intelligence
Leverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.
