UCL A.I CyberSecurity Scoring
02/04/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for UCL in 2026.
No incidents recorded for UCL in 2026.
No incidents recorded for UCL in 2026.
Los Alamos National Laboratory is one of the world’s most innovative multidisciplinary research institutions. We're engaged in strategic science on behalf of national security to ensure the safety and reliability of the U.S. nuclear stockpile. Our workforce specializes in a wide range of progressive science, technology and engineering across many exciting fields, including space exploration, geophysics, renewable energy, supercomputing, medicine and nanotechnology.
The Chinese Academy of Sciences (CAS) is the lead national scientific institution in natural sciences and high technology development in China and the country's supreme scientific advisory body. It incorporates three major parts: a comprehensive research and development network consisting of 104 research institutes, a traditional merit-based national academy as represented by its Academic Divisions and a system of higher education based on its affiliated 3 universities and the support of its research institutes. CAS has served as the major national strategic research force since founding in November 1949 and has left its deep footprints in Chinese S&T and the overall development of China's national innovation system.
The PPD™ clinical research business of Thermo Fisher Scientific, the world leader in serving science, enables customers to accelerate innovation and drug development through patient-centered strategies and data analytics. Our services, which span multiple therapeutic areas, include early development, all phases of clinical development, peri- and post-approval, patient recruitment, investigator sites and comprehensive laboratory services. As a global industry leader, we offer custom solutions to pharma, biotech, medical device, and government organizations, leveraging cutting-edge technology and therapeutic expertise to help customers deliver life-changing therapies.
The French National Centre for Scientific Research is among the world's leading research institutions. Its scientists explore the living world, matter, the Universe, and the functioning of human societies in order to meet the major challenges of today and tomorrow. Internationally recognised for the excellence of its scientific research, the CNRS is a reference in the world of research and development, as well as for the general public.
The University of Cambridge is one of the world's foremost research universities. The University is made up of 31 Colleges and over 150 departments, faculties, schools and other institutions. Its mission is 'to contribute to society through the pursuit of education, learning, and research at the highest international levels of excellence'.
Imagine what you could do at a world-leading university that is globally recognised for its teaching, research and innovation. The University of Edinburgh has been providing students with world-class teaching for more than 425 years, unlocking the potential of some of the world's leading thinkers since 1583. Choose to study with us and you will be investing in an education that will help you build a successful future.
Our university combines top-class facilities for cutting-edge research with unique learning opportunities for 52,000 students. Whether our researchers are investigating the origins of life, matter and the universe or looking for solutions to the major challenges for our society, people lie at the heart of our research and innovation agenda. Our goal is to create lasting value for society through excellence in education and research, the active promotion of next-generation talents and a strong entrepreneurial spirit. All of which combine to make TUM one of Europe’s leading universities. | Imprint: http://www.tum.de/legal-notice
The CEA is the French Alternative Energies and Atomic Energy Commission ("Commissariat à l'énergie atomique et aux énergies alternatives"). It is a public body established in October 1945 by General de Gaulle. A leader in research, development and innovation, the CEA mission statement has two main objectives: To become the leading technological research organization in Europe and to ensure that the nuclear deterrent remains effective in the future. The CEA is active in four main areas: low-carbon energies, defense and security, information technologies and health technologies. In each of these fields, the CEA maintains a cross-disciplinary culture of engineers and researchers, building on the synergies between fundamental and technological research. The civilian programs of the CEA received 49% of their funding from the French government, and 30% from external sources (partner companies and the European Union). The CEA had a budget of 4,3 billion euros. The CEA is based in ten research centers in France, each specializing in specific fields. The laboratories are located in the Paris region, the Rhône-Alpes, the Rhône valley, the Provence-Alpes-Côte d'Azur region, Aquitaine, Central France and Burgundy. The CEA benefits from the strong regional identities of these laboratories and the partnerships forged with other research centers, local authorities and universities.
The University of Amsterdam is one of the largest comprehensive universities in Europe. With some 44,000 students, 6,000 staff, 3,000 PhD candidates, and an annual budget of more than 850 million euros, it is also one of Amsterdam’s biggest employers. There is an inseparable link between the university and its host city. The freedom and creativity with which Amsterdam has long been associated have worked their way into the fabric of the university. This is a place where individuality, authenticity and diversity are celebrated as sources of stimulation, inspiration and innovation. Professional and personal development, challenges and collaboration are undertaken in a versatile and multidimensional (inter)national ecosystem with leading stakeholders. Staff at the UvA make a meaningful contribution to uncovering solutions to some of the world’s most significant problems and to developing the next generation of talent.
Latest updates, reports, and threat intel affecting the global network.
A new phishing scam has been identified on Microsoft Teams. Find out what steps you can take to make sure your device is safe.
When cybersecurity problems hit, many people look for help on Reddit, turning to the platform for advice and reassurance.
University College London's computer science department has announced a new venture postdoc fellowship aimed at researchers working at the...
UCL has launched a new EPSRC Centre for Doctoral Training in Cyber-Physical Risk, uniting world-leading researchers to address emerging security challenges...
The AI company says attacks on its ChatGPT Atlas browser are "unlikely to ever be fully solved."
Tomorrow's supercomputers are being built today through international partnerships that harness and deploy the power of quantum mechanics...
Empty shelves in Marks & Spencer. Jaguar Land Rover plants idling as suppliers warn they could go out of business. And perhaps most starkly...
In 2025, the UK's tech education is thriving, with top universities like Oxford and Cambridge leading in AI and computer science research.
Nnennaya Halliday, a Netskope Engineer at ES Cyber Solutions, whose work is helping businesses fortify their digital walls and build...
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when a `ClientPasswordReset` record already exists for a client (from a previous unexpired reset request), subsequent calls to the `reset_password` guest API endpoint reuse the existing token instead of generating a new one. The 15-minute validity window is anchored to the first request's `created_at` timestamp, not the time of the most recent email. An attacker who obtained the original reset link remains able to use it even after the victim requests a new reset, because the original token is never invalidated or rotated. Version 0.8.0 patches the issue. Some workarounds are available. Configure a reverse proxy (e.g., Nginx, Apache, Cloudflare) to apply per-IP rate limiting to the `/client/reset-password` endpoint to minimize the window of opportunity, and/or manually clear expired `client_password_reset` records from the database after a client reports a suspected compromise.
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow a low-privileged staff account to grant arbitrary module permissions to itself through the admin API, resulting in persistent privilege escalation. A staff user that only has `staff.create_and_edit_staff` can call `/api/admin/staff/permissions_update` targeting their own account and write any permission structure, bypassing the intended role-based access control boundary. Version 0.8.0 patches the issue. Some workarounds are available. Restrict the `staff.create_and_edit_staff` permission to only highly trusted staff members and/or use a reverse proxy or WAF to restrict access to `/api/admin/staff/permissions_update` to specific trusted roles.
FOSSBilling is a free, open-source billing and client management system. Versions 0.5.3 through 0.7.2 allow authenticated clients to both read and reset API key service secrets for orders that are no longer in an `active` state (e.g., `suspended`, `canceled`). The root cause is missing order-state validation in two client API endpoints, despite an `isActive()` helper already existing in the `Serviceapikey` module and the frontend UI correctly gating access on `order.status == 'active'`. Version 0.8.0 contains a fix. Some workarounds are available. If the `Serviceapikey` module is not needed, uninstall it to remove the affected endpoints. One may also use a reverse proxy or WAF to restrict access to `/api/client/order/service` and `/api/client/serviceapikey/reset` based on application-level order-state logic.
FOSSBilling is a free, open-source billing and client management system. Versions prior to 0.8.0 allow low-privileged staff accounts to perform unauthorized actions via admin API endpoints. The root cause is a combination of the `can_always_access` module flag (which grants all staff access to certain modules) and insufficient permission checks or unsafe parameter handling on individual endpoints. Version 0.8.0 contains a fix. Some workarounds are available. Restrict staff accounts to only those who need access to sensitive settings and/or use a reverse proxy or WAF to restrict access to the affected endpoints to trusted IP addresses or higher-privilege roles.
FOSSBilling is a free, open-source billing and client management system. In versions 0.5.6 through 0.7.2, when the "Require Email Confirmation" setting is enabled, a logged-in client with an unverified email address (`email_approved = 0`) can access all client-area pages (e.g. `/client/balance`, `/client/order/list`, `/client/invoice`) and read real account data, including wallet balances and transaction history. The API-side enforcement correctly restricts unverified clients to only profile-related endpoints, but the page-side enforcement is overly permissive, allowing any request whose path starts with `/client`. Version 0.8.0 contains a fix. No known workarounds that don't involve modifying the source code are available.
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.