What is the official website of VNG ?

The official website of VNG is https://career.vng.com.vn.

What is VNG's cybersecurity risk score?

VNG has an AI-generated cybersecurity risk score of 771 out of 1000, indicating a Fair security posture according to Rankiteo's assessment.

How many security incidents has VNG experienced?

According to Rankiteo, VNG currently holds 0 security badges, indicating that no recognized compliance certifications are currently verified for the organization.

Has VNG been affected by any supply chain cyber incidents ?

According to Rankiteo, VNG has not been affected by any supply chain cyber incidents, and no incident IDs are currently listed for the organization.

Does VNG have SOC 2 Type 1 certification ?

According to Rankiteo, VNG is not certified under SOC 2 Type 1.

Does VNG have SOC 2 Type 2 certification ?

According to Rankiteo, VNG does not hold a SOC 2 Type 2 certification.

Does VNG comply with GDPR ?

According to Rankiteo, VNG is not listed as GDPR compliant.

Does VNG have PCI DSS certification ?

According to Rankiteo, VNG does not currently maintain PCI DSS compliance.

Does VNG comply with HIPAA ?

According to Rankiteo, VNG is not compliant with HIPAA regulations.

Does VNG have ISO 27001 certification ?

According to Rankiteo,VNG is not certified under ISO 27001, indicating the absence of a formally recognized information security management framework.

Which industry does VNG operate in ?

VNG operates primarily in the Technology, Information and Internet industry.

How many employees does VNG have ?

VNG employs approximately 4,402 people worldwide.

Does VNG own any subsidiaries ?

VNG presently has no subsidiaries across any sectors.

How many LinkedIn followers does VNG have ?

VNG's official LinkedIn profile has approximately 266,993 followers.

What is the NAICS classification code for VNG ?

VNG is classified under the NAICS code 513, which corresponds to Others.

Does VNG have a Crunchbase profile ?

No, VNG does not have a profile on Crunchbase.

Does VNG have a LinkedIn profile ?

Yes, VNG maintains an official LinkedIn profile, which is actively utilized for branding and talent engagement, which can be accessed here: https://www.linkedin.com/company/vng-corporation.

How many cybersecurity incidents has VNG experienced ?

As of June 30, 2026, Rankiteo reports that VNG has experienced 1 cybersecurity incidents.

How many peer or competitor companies does VNG have ?

VNG has an estimated 14,865 peer or competitor companies worldwide.

What types of cybersecurity incidents has VNG faced ?

Incident Types: The types of cybersecurity incidents that have occurred include Breach.

NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop

WindowsmacOSLinux

Download

Badge your company to reduce your risk score and your cyber insurance costs!

Link verified badges to your company page to build trust with insurers and customers.

Apply now and get your badge!

Internal validation & live display

Insurers and partners see a safer profile

Faster underwriting decisions

Trusted by insurers. Chosen by leaders.

Proud contributor to the Society of Actuaries.

VNG

Boost Score +25 with badge (5 left)

771

/1000

Fair

796

/1000

Fair

VNG Vendor Cyber Rating & Cyber Score

vng.com.vn

Add Your Compliance Badge

Established in 2004, VNG is the leading homegrown digital ecosystem in Vietnam, with diverse products serving the needs of 100 million customers in Vietnam and many countries worldwide. VNG focuses on four main businesses: online games, communications & media, fintech, and digital business. VNG has developed several digital products that contribute to businesses' journey of digital transformation and help Vietnamese citizens connect, transact and entertain. At the same time, the company also concentrates on long-term development by researching and exploring further opportunities in Data Centers and AI. People and Technology are at the core of VNG's identity. VNG boasts nearly 4,000 members across 10 cities worldwide. With a shared DNA

VNG A.I CyberSecurity Scoring

Scoring History

VNG

VNG CyberSecurity News & History

Past Incidents

Attack Types

Entity

Type

Severity

Impact

Seen

Blog Details

Supply Chain Source

Incident Details

View

VNG

Breach

4/2018

VNG105531222

Loading…

A.I.

VNG Company Scoring based on AI Models

Cyber Incidents Likelihood 3 - 6 - 9 months

Actual

Prediction

Incident Predictions locked

Access Monitoring Plan

A.I Risk Score Likelihood 3 - 6 - 9 months

Actual

Prediction A

Prediction B

Prediction C

Prediction D

A.I. Risk Score Predictions locked

Access Monitoring Plan

Loading…

Underwriter Stats for VNG

Incidents vs Technology, Information and Internet Industry Avg (This Year)

No incidents recorded for VNG in 2026.

Incidents vs All-Companies Average (This Year)

No incidents recorded for VNG in 2026.

Incident Types VNG vs Technology, Information and Internet Industry Avg (This Year)

No incidents recorded for VNG in 2026.

Incident History - VNG (X = Date, Y = Severity)

Loading…

SUBSIDIARY

VNG Subsidiaries

Parent Company

VNG

Technology, Information and Internet

Website: https://career.vng.com.vn

Company Size: 1,001-5,000 employees

No subsidiary data available for this company.

Loading…

VNG Similar Companies

Independiente / Freelance

wikipedia.org

La etimología de la palabra deriva del término medieval inglés usado para un mercenario (free-independiente o lance-lanza), es decir, un caballero que no servía a ningún señor en concreto y cuyos servicios podían ser alquilados por cualquiera. El término fue acuñado inicialmente por Sir Walter Scott (1771-1832) en su reconocido romance histórico Ivanhoe para describir a un "guerrero medieval mercenario". La frase en inglés luego hizo la transición a un sustantivo figurativo alrededor de 1860 y fue luego reconocido como un verbo oficialmente en 1903 por varias autoridades en lingüística tales como el Diccionario Oxford de Inglés. Solamente en tiempos modernos ha mutado el término de un sustantivo (un freelance o un freelancer) y un adverbio (un periodista que trabaja freelance). Esta palabra es empleada como anglicismo en castellano como dos palabras separadas "free lance" (del inglés) o autónomo pero no tiene aplicación como verbo. Fuente: Wikipedia. https://es.wikipedia.org/wiki/Freelance Acerca de Independiente / Freelance Somos una de las comunidades de habla hispana más grandes en LinkedIn para profesionales que eligen trabajar de forma independiente. Un espacio para conectar, compartir recursos y encontrar oportunidades. Publicaciones para Empresas y Reclutadores. Para publicar una búsqueda de talento, por favor envíe los detalles de la oferta a: [email protected] El proceso es simple y asincrónico.

YouTube

cb youtube.com

YouTube is a team-oriented, creative workplace where every single employee has a voice in the choices we make and the features we implement. We work together in small teams to design, develop, and roll out key features and products in very short time frames. Which means something you write today could be seen by millions of viewers tomorrow. And even though we’re a part of Google and enjoy all of the corporate perks, it still feels like you’re working at a startup. YouTube is headquartered in San Bruno, California, 12 miles south of San Francisco. We also have many job openings in Mountain View, and across the globe

eBay

ebayinc.com

At eBay, we create pathways to connect millions of sellers and buyers in more than 190 markets around the world. Our technology empowers our customers, providing everyone the opportunity to grow and thrive — no matter who they are or where they are in the world. And the ripple effect of our work creates waves of change for our customers, our company, our communities and our planet.

Delivery Hero

deliveryhero.com

As the world’s leading local delivery platform, our mission is to deliver an amazing experience, fast, easy, and to your door. We operate in over 70+ countries worldwide, powered by tech but driven by people. As one of Europe’s largest tech platforms, we enable ambitious talent to deliver solutions that create impact within our ecosystem. We move fast, take action, and adapt. No matter where you’re from or what you believe in, we build, we deliver, we lead. We are Delivery Hero.

e&

eand.com

We're a global technology group focused on innovation and collaboration to create a better future for all. Since 1976, we've been pioneering new technologies and expanding our reach to more people and places. Today, we provide services to over 163 million customers across 16 countries in the Middle East, Asia, and Africa through our telecom brands under e& international and e& UAE. We're committed to driving the digital future to empower societies and help businesses and governments create a smarter, safer, and more sustainable world through all our business verticals including e& enterprise, e& life, and e& capital. Our goal is to empower people, communities, and societies worldwide to achieve more.

Prosus

prosus.com

Prosus is the power behind the world’s leading lifestyle e-commerce brands. Bringing together bold ideas and the power of AI, Prosus builds technology ecosystems where lifestyle ecommerce brands can become global success stories. These ecosystems span three core geographies – Europe, Latin America and India. In these geographies, Prosus simplifies the often-fragmented experience for consumer buyers and sellers, providing an integrated and frictionless approach that helps billions of consumers to buy, sell and transact through food, Fintech, experiences and commerce platforms

Synechron

synechron.com

At Synechron, we believe in the power of digital to transform businesses for the better. Our global consulting firm combines creativity and innovative technology to deliver industry-leading digital solutions. Synechron’s progressive technologies and optimization strategies span end-to-end Artificial Intelligence, Consulting, Digital, Cloud & DevOps, Data, and Software Engineering, servicing an array of noteworthy financial services and technology firms. Through research and development initiatives in our FinLabs we develop solutions for modernization, from Artificial Intelligence and Blockchain to Data Science models, Digital Underwriting, mobile-first applications and more. Over the last 20+ years, our company has been honored with multiple employer awards, recognizing our commitment to our talented teams. With top clients to boast about, Synechron has a global workforce of 14,000+, and has 55 offices in 20 countries within key global markets. For more information on the company, please visit our website:www.synechron.com.

Nothing

cb nothing.tech

Nothing exists to make tech feel exciting again. We’re building a different kind of company, one that puts design, emotion, and human creativity at the heart of everything we do. From the way our products look to how they sound, feel, and function, we care about the details that make technology not just useful, but inspiring. This is a place for the curious. The creators. The ones who ask why not and mean it. If you're drawn to bold ideas, fast moves, and work that actually makes you feel something, you’ll fit right in. We're not here to follow the rules. We're here to make better ones. Founded in London in 2020, Nothing is a design-led tech company building an alternative to the industry giants. Our products, from award-winning smartphones to expressive audio and wearables, blend iconic design with intuitive engineering to put people and creativity back at the centre of consumer tech. Backed by GV (Google Ventures), EQT Ventures, C Ventures, and influential investors like Tony Fadell (iPod), Casey Neistat, and Kevin Lin (Twitch), we’ve grown from startup to global challenger in just a few years.

Sohu.com

cb sohu.com

Sohu.com Inc. (NASDAQ: SOHU) is China's premier online brand and indispensable to the daily life of millions of Chinese, providing a network of web properties and community based/web 2.0 products which offer the vast Sohu user community a broad array of choices regarding information, entertainment and communication. Sohu has built one of the most comprehensive matrices of Chinese language web properties and proprietary search engines, consisting of seven leading web properties.

Loading…

NEWS

VNG CyberSecurity News

Latest updates, reports, and threat intel affecting the global network.

February 19, 2026 08:00 AM

VNG Soldiers, Airmen participate in Finnish cyber security exercise

Virginia National Guard Soldiers and Airmen assigned to the Fort Belvoir-based 91st Cyber Brigade and the 185th Cyberspace Operations...

Read Article

January 01, 2026 08:00 AM

Vietnam's cybersecurity agency calls for objective review of Zalo's user data collection practices

Speaking at a forum titled 'Personal Data Protection – Rights and Responsibilities' in Hanoi on Wednesday, Colonel Nguyen Hong Quan,...

Read Article

July 18, 2025 07:00 AM

VNG Soldiers, Airmen participate in Regional Cooperation 25

Seven Virginia National Guard Soldiers and Airmen participated in U.S. Central Command's annual Regional Cooperation exercise June 15-27,...

Read Article

February 16, 2025 08:00 AM

Top 10 Tech Companies to Work for in Viet Nam in 2025

Leading companies like FPT Corporation, VNG Corporation, and Viettel Group offer competitive salaries and innovation-driven careers.

Read Article

October 12, 2024 11:37 PM

Academic Visit to HCMUT: A Journey of Learning and Collaboration

JOHOR BAHRU, Sept 29 – A delegation from the Faculty of Computing at Universiti Teknologi Malaysia (UTM) recently went on a six-day trip to Ho Chi Minh City...

Read Article

June 24, 2024 07:00 AM

VNG strives to invest in technology and emerging trends

VNG Corporation will continue to innovate and invest in technology and emerging trends, including AI, fintech, and data centres,...

Read Article

October 10, 2023 07:00 AM

VNG Digital Business Unveils Cutting-Edge Solutions for Business Digital Transformation at Tech4Life

VNG Digital Business has introduced two offerings at Tech4Life Exhibition & Summit: the Cloud Camera AI solution for Smart City operations.

Read Article

August 25, 2023 07:00 AM

Exercise Tests Virginia Guard’s Cyber Response Plan

VIRGINIA BEACH, Va. – The Virginia National Guard hosted Cyber Fortress 2.0, testing Virginia's cyber response plan in an exercise with...

Read Article

June 10, 2023 07:00 AM

Singapore credit and debit cardholders report multiple unauthorised charges from ChatGPT, Apple

Cybersecurity firms said such small transactions could have been used by cyber criminals to validate debit and credit card details.

Read Article

Loading…

CVE

Latest

Global CVEs (Not Company-Specific)

CVE-2026-8023

SUMMARY

Zephyr's HTTP server (subsys/net/lib/http) provides a static-filesystem resource type (HTTP_RESOURCE_TYPE_STATIC_FS, available when CONFIG_FILE_SYSTEM is enabled) that serves files from a configured root directory. Before this fix, both the HTTP/1 and HTTP/2 front-ends placed the raw, attacker-controlled request path into client-url_buffer (assembled in on_url() for HTTP/1 and copied verbatim from the :path pseudo-header for HTTP/2) without resolving ./.. segments. The static-FS handler then built the on-disk filename by directly concatenating the configured root with that raw URL (snprintk(fname, ..., "%s%s", static_fs_detail-fs_path, client-url_buffer) at http_server_http1.c:603 and http_server_http2.c:490) and opened it with fs_open(fname, FS_O_READ). Because the handler is reached via wildcard/leading-dir (fnmatch FNM_LEADING_DIR) or fallback resource matching, a request such as GET /<prefix/../../<file is dispatched to the handler and, after the underlying filesystem (e.g. LittleFS/FAT) resolves the .. segments, escapes the configured web root, letting an unauthenticated remote client read arbitrary readable files on the mounted volume (information disclosure). The HTTP server requires no TLS or authentication to reach this path. The fix adds http_server_remove_dot_segments(), which canonicalizes the path portion of the URL before resource lookup in both protocol handlers, neutralizing the traversal. Affects releases v4.0.0 through v4.4.0 for deployments that register a static-filesystem resource.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 7.5)

cvss3

Base Score: 7.5

Complexity: LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Impact Score

3.6

Exploitability

3.9

REFERENCES

CVE-2026-7656

SUMMARY

The IPv6 Neighbor Discovery handlers in subsys/net/ip/ipv6_nbr.c (handle_ra_input, handle_ns_input, handle_na_input) used an incorrect boolean expression that combined the RFC 4861 validity checks with the ICMPv6 code check using the wrong operator precedence: the form was '((length/hop/source/target checks) && (icmp_hdr-code != 0))'. Because every legitimate ND message carries ICMPv6 code 0, an attacker setting code == 0 (the normal value) caused the entire predicate to evaluate false, so the packet was never dropped and all of the other checks were silently skipped. The bypassed checks include the mandatory Hop Limit == 255 verification (which proves an ND packet originated on-link and was not forwarded) and, for Router Advertisements, the requirement that the source be a link-local address, as well as multicast-target sanity checks. As a result, an adjacent on-link attacker — and, because the Hop-Limit-255 guard is bypassed, potentially a remote/off-link attacker whose packets would otherwise be rejected — can have forged Router Advertisement, Neighbor Solicitation, and Neighbor Advertisement messages accepted. A forged RA lets the attacker reconfigure the victim's default router, on-link prefixes (SLAAC), MTU, reachable/retransmit timers, and (with CONFIG_NET_IPV6_RA_RDNSS) DNS servers, while forged NS/NA enable neighbor-cache poisoning, enabling man-in-the-middle, traffic redirection, and denial of service. The flaw is an input-validation/authentication weakness rather than a memory-safety issue: the underlying packet-parsing primitives (net_pkt_get_data, net_pkt_read, net_pkt_skip) are independently bounds-safe and the validated 'length' is the true buffer length, so skipping the length check causes no out-of-bounds access. The defect has existed since the logic was introduced in 2018 and shipped in all releases through v4.4.0; it is fixed by splitting the condition so any failing check drops the packet.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 8.1)

cvss3

Base Score: 8.1

Complexity: LOW

CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:H

Impact Score

5.2

Exploitability

2.8

REFERENCES

CVE-2026-51219

SUMMARY

A heap buffer overflow in the HighPriorityASDUQueue_hasUnconfirmedIMessages function of lib60870 v2.3.3 to v2.3.6 allows attackers to cause a Denial of Service (DoS) via a crafted payload.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

CVE-2026-51218

SUMMARY

A heap buffer overflow in the TS7Worker::PerformFunctionWrite() function (/core/s7_server.cpp) of snap7 v1.4.3 allows attackers to cause a Denial of Service (DoS) via a crafted packet.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: )

Impact Score

Exploitability

REFERENCES

CVE-2026-10648

SUMMARY

mcumgr_serial_process_frag() in subsys/mgmt/mcumgr/transport/src/serial_util.c calls net_buf_reset() on the result of smp_packet_alloc() before checking it for NULL. smp_packet_alloc() uses net_buf_alloc(K_NO_WAIT) against the shared MCUmgr packet pool (CONFIG_MCUMGR_TRANSPORT_NETBUF_COUNT, default 4), which returns NULL when the pool is exhausted. In default builds the __ASSERT_NO_MSG in net_buf_reset is a no-op, so net_buf_simple_reset writes through the NULL pointer (buf->len = 0; buf->data = buf->__buf), causing a fault/crash. The fragment data reaches this code from attacker-controlled bytes on the MCUmgr serial/UART/shell-console transports (smp_uart.c, smp_raw_uart.c, smp_shell.c), and a fresh buffer is allocated at the start of essentially every new packet. An attacker on the serial/console link can flood the transport to drive the 4-entry buffer pool to exhaustion and induce the NULL dereference, crashing the device (denial of service). The defect was introduced after the original MCUmgr rework and shipped in Zephyr v4.4.0. The fix moves the NULL check ahead of net_buf_reset.

Published

Date2026-06-29

Updated

Date2026-06-29

RISK INFORMATION (Score: 6.2)

cvss3

Base Score: 6.2

Complexity: LOW

CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score

3.6

Exploitability

2.5

REFERENCES

Loading…

API

Access Data Using Our API

Get company history

curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'

Try It API Documentation Rapid

MEASURE

What Do We Measure ?

Incident

Finding

Grade

Digital Assets

Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.

These are some of the factors we use to calculate the overall score:

Network SecurityIdentify exposed access points, detect misconfigured SSL certificates, and uncover vulnerabilities across the network infrastructure.

SBOM (Software Bill of Materials)Gain visibility into the software components used within an organization to detect vulnerabilities, manage risk, and ensure supply chain security.

CMDB (Configuration Management Database)Monitor and manage all IT assets and their configurations to ensure accurate, real-time visibility across the company's technology environment.

Threat IntelligenceLeverage real-time insights on active threats, malware campaigns, and emerging vulnerabilities to proactively defend against evolving cyberattacks.

Rankiteo

By Rankiteo

★ ★ ★ ★ ★

View on G2.com

Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.

View latest plans →View all security reports →

MILESTONEG

Users
Love Us

Loading…