UST A.I CyberSecurity Scoring
20/01/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for uOttawa SAEA | TLSS in 2026.
No incidents recorded for uOttawa SAEA | TLSS in 2026.
No incidents recorded for uOttawa SAEA | TLSS in 2026.
At NUS, we are shaping the future through our people and our pursuit of new frontiers in knowledge. In a single century, we have become a university of global influence and an Asian thought leader. Our location at the crossroads of Asia informs our mission and gives us a tremendous vantage point to help create opportunities and address the pressing issues facing Singapore, Asia and the world. At NUS, we believe in education, research and service that change lives. Read our social media community guidelines here: https://nus.edu/socialmediaguidelines.
The University of Arkansas is Arkansas' only R1 research institution and is the flagship land-grant campus of the U of A System. We provide an internationally competitive education for undergraduate and graduate students in more than 200 academic programs and contribute more than $2.2 billion in economic impact to the state of Arkansas. The Carnegie Foundation classifies the U of A among the top 3 percent of colleges and universities in America with the highest level of research activity. U.S. News & World Report ranks the University of Arkansas among its top American public research universities. Founded in 1871, the University of Arkansas comprises 10 colleges and schools and maintains a low student-to-faculty ratio that promotes personal attention and close mentoring to provide all students with life-changing opportunities. The U of A is dedicated to Arkansas and works to build a better world.
The University of Pennsylvania is one of the oldest universities in America and, as a member of the Ivy League, one of the most prestigious institutions of higher learning in all the world. Penn is home to 12 schools including the School of Arts and Sciences, the School of Nursing, the School of Engineering and Applied Science and the Wharton School of Business, as well as several graduate and professional schools such as the Perelman School of Medicine.
The University of Texas at Austin is one of the largest public universities in the United States. Founded in 1883, the University has grown from a single building, eight teachers, two departments and 221 students to a 350-acre main campus with 21,000 faculty and staff, 16 colleges and schools and more than 50,000 students.
The University of Kentucky is a public, research-extensive, land grant university dedicated to improving people's lives through excellence in teaching, research, health care, cultural enrichment, and economic development for over 150 years. The University of Kentucky: - Facilitates learning, informed by scholarship and research. - Expands knowledge through research, scholarship and creative activity. - Serves a global community by disseminating, sharing and applying knowledge. The University, as the flagship institution, plays a critical leadership role for the Commonwealth by contributing to the economic development and quality of life within Kentucky's borders and beyond. The University nurtures a diverse community characterized by fairness and equal opportunity. From Paducah to Pikeville, Covington to Cumberland, the University of Kentucky touches lives across the Bluegrass State, providing education, cultural stimulation and economic development in all 120 counties. Considering that residents of all Kentucky counties benefit from the University's medical care, community service, innovative research and creative teaching and instruction, there's no question UK is The University of Kentucky.
A new era of excellence is dawning at Texas Tech University as it stands on the cusp of being one of the nation's premier research institutions. Research and enrollment numbers are at record levels, which cement Texas Tech's commitment to attracting and retaining quality students. In fall 2020, the university achieved a goal more than a decade in the making, reaching a total student population of more than 40,000. In 2018, the Carnegie Classification of Institutions of Higher Education again placed Texas Tech among its top doctoral universities in the nation in the “Very High Research Activity” category. Texas Tech is one of 94 public institutions nationally and 131 overall to achieve this prestigious recognition. Quality students need top-notch faculty. Texas Tech is home to a diverse, highly revered pool of educators who excel in teaching, research and service. The university strives to foster an environment that celebrates student accomplishment above all else. Texas Tech is large enough to provide the best in facilities and academics but prides itself on being able to focus on each student individually. The momentum for excellence at Texas Tech has never been greater.
L’Università degli Studi di Milano è un ateneo a vocazione interdisciplinare e internazionale, che riesce a coniugare tradizione e innovazione per rispondere alle sfide di una società in forte cambiamento. Fondata nel 1924, a 100 dalla sua nascita, l’Università milanese si prepara a diventare, entro il 2026, un Ateneo multipolare che guarda al futuro della città di Milano con il nuovo Campus universitario per l’eccellenza scientifica a MIND - Milano Innovation District, nell’area che ha ospitato Expo 2015, e il Campus umanistico a Città Studi. Unico ateneo italiano tra i 23 membri fondatori della LERU, la League of European Research Universities, l’Università degli Studi di Milano fa parte di 4EU+ European University Alliance che riunisce otto atenei europei impegnati nella costruzione di un sistema universitario integrato. L’Università degli Studi di Milano ha al suo attivo 121 progetti vinti con il programma di ricerca europeo Horizon 2020, 69 attivati sul programma Horizon Europe (2021-2027), 54 progetti ERC vinti dal 2010 - di cui 24 in corso - e 13 progetti PNRR finanziati per oltre 111 milioni di euro. La ricerca di base e applicata si svolge in 31 dipartimenti e 63 centri di ricerca coordinata, supportata dal sistema bibliotecario di ateneo che mette a disposizione una ricca collezione cartacea e digitale. Con una popolazione studentesca di oltre 60 mila iscritti, di cui quattro mila internazionali, una comunità di personale docente e non docente di quasi cinque mila persone, l’Ateneo milanese offre 155 corsi di laurea (di cui 32 erogati in lingua inglese), 36 corsi di dottorato, 67 scuole di specializzazione, 31 master e 91 corsi di perfezionamento.
Working for the world Science has the power to change the world. Join one of the best research universities in the world – an international community united through bold thinking, science, research, and learning, with over 30,000 students and 8,000 employees. We are defined by our multidisciplinary approach. This, combined with a dedication for cross-border collaboration, gives us our potential to find real solutions and build hope for a better, more sustainable future. We are united by our values – truth, bildung, freedom, and inclusivity – as well as our passion for work that truly matters. Join us: work for the future – work for the world. Read more at www.helsinki.fi
The University of Delaware - a state assisted, privately chartered institution - is a Land Grant, Sea Grant, Space Grant and Carnegie Research University (very high research activity). The University, with origins in 1743, was chartered by the State of Delaware in 1833. A Women's College was opened in 1914, and in 1945 UD became permanently coeducational. The main campus is located in Newark, Delaware, a suburban community of nearly 30,000, situated midway between Philadelphia and Baltimore. Courses are also offered at the Wilmington campus and at other locations throughout the State, including Dover, Georgetown, Milford, and Lewes.
Latest updates, reports, and threat intel affecting the global network.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.