VHPMSA A.I CyberSecurity Scoring
03/06/2026
Access Monitoring Plan
Access Monitoring Plan
No incidents recorded for voestalpine High Performance Metals Sweden AB in 2026.
No incidents recorded for voestalpine High Performance Metals Sweden AB in 2026.
No incidents recorded for voestalpine High Performance Metals Sweden AB in 2026.
Mining
Over the last 35 years, we have partnered the country in its journey to self-reliance, by embracing sustainability, adopting cutting-edge technology and having innovation and R&D initiatives at the heart of our culture. From humble beginnings with a single plant in 1982, we are now India's leading manufacturer of value-added and high-end steels. Our plants in Karnataka, Tamil Nadu and Maharashtra have a total capacity of 29.7 MTPA, and we are scaling up existing plants and opening new ones to take that figure to 40 MTPA. Globally, we own a plate and pipe mill in the US, and mining assets in the US, Chile and Mozambique. But we're not ones to rest on our laurels. Driven by decades of experience and a dynamic culture, we constantly seek new ways to revolutionize steelmaking. To begin with, we integrate sustainability into everything we do. We benchmark our business vision and governance systems, manufacturing and sales processes, and even our customer and community engagement initiatives, against global best-in-class standards. We bolster these sustainability initiatives, by staying on the cutting edge of technology. It's a strategy that has helped us create the largest product portfolio in India, and at the same time, become India's largest exporter of steel with a presence in more than 100 countries. Today, nearly 40% of our products are high-value steels, a figure we intend to take up to 50% soon. We’ve made this technological prowess possible with a relentless focus on innovation and R&D. It has helped us stay ahead of competition, customise our offerings as per client requirements, partner with global leaders such as JFE Steel, Marubeni Itochu Steel, Praxair and Severfield Rowen Plc. to be cost-efficient, and be seen worldwide as a purveyor of high-end, value-added steel.
Headquartered in Morocco, OCP Group is one of the world’s largest custodian and supplier of phosphate-based plant nutrition solutions and associated products for soil health and a leader in applied science and education. Our mission is to provide customized plant nutrition solutions for healthy food production. As an African business, we are committed to accelerating Africa’s development and south-to-south cooperation and making agriculture and food systems globally sustainable and resilient. We put farmers at the center of everything we do. Join us to help ensure a more sustainable and food secure future for all.
First Quantum Minerals Ltd. is a global mining company producing copper and nickel, as well as gold and cobalt. Our growing portfolio of operations and projects spans four continents and employs around 20,000 people. We are well-known for our ‘can do’ attitude and specialist technical, project management, engineering, construction and operational skills, which allow us to develop and successfully run complex mines and minerals processing plants. We strive to go beyond the goals set by other companies. After 25 years of operations we are now one of the world’s top 10 copper producers and we focus on providing a tangible benefit from everything we do for employees, investors and the many communities that host our operations. From our initial operation reprocessing tailings facilities in Zambia, to the recently completed giant Cobre Panama operation, we have recorded many significant commercial and technical achievements over the past two decades. By 2021, the combined output of our mines will be more than 800,000 tonnes of copper per year.
Glencore is one of the world’s largest global diversified natural resource companies and a major producer and marketer of more than 60 commodities that advance everyday life. Through a network of assets, customers and suppliers that spans the globe, we produce, process, recycle, source, market and distribute the commodities that support decarbonisation while meeting the energy needs of today.
We are a global mining company producing iron ore, pellets, and nickel, and we are committed to becoming one of the safest, most trustworthy mining company in the world. With a workforce of 120,000 employees, we work every day to transform natural resources into prosperity and sustainable development for the approximately 30 countries in which we operate. In addition to mining, we have operations in logistics, energy, and steelmaking. We self-generate 54% of the energy we use, and in Brazil alone, more than 1 million people travel on our passenger trains on the Vitória-Minas and Carajás railroads every year. We continuously reassert our commitment to the future of our planet by, among other initiatives, protecting 8,500 km² of natural land and investing in R&D to lead the sustainable mining revolution, with the ultimate goal of becoming a carbon-neutral company by 2050. We are constantly evolving, always aiming to be a diverse and inclusive company. We are pursuing a goal of doubling our female workforce by 2030 and increasing representation among our leadership. Our activities are governed by a policy of transparency, safety and security, ethics, and respect in order to protect the environment and encourage the development of our employees. We are Vale.
We are supplying the resources the world needs to help build a better, clearer future. Copper for renewable energy. Potash for sustainable farming. Iron ore and metallurgical coal for the steel needed for global infrastructure and the energy transition. #FutureIsClear Across our global operations, we are committed to working in ways that are true to our BHP Charter values of Sustainability, Integrity, Respect, Performance, Simplicity and Accountability. Learn more about working at BHP and the exciting career opportunities that exist for professionals, undergraduates and graduates on our website: www.bhp.com.
Jindal Steel is one of India’s foremost integrated steel producers, renowned for its scale, efficiency, and commitment to excellence. Operating on a robust mine-to-metal model, the Company leverages captive resources, advanced manufacturing capabilities, and a global distribution network to deliver high-performance steel solutions. With an investment footprint exceeding USD 12 billion, Jindal Steel runs state-of-the-art facilities in Angul, Raigarh, and Patratu, and maintains strategic operations across India and Africa. Its diversified and future-ready product portfolio underpins core sectors such as infrastructure, construction, and manufacturing, powering progress through strength and sustainability. Take the next step in your career with Jindal Steel by submitting your application to our Talent Acquisition team at "[email protected]"
Recruitment Fraud Alert: Alcoa has become aware of some fraudulent employment offers being sent to candidates via social media channels. Alcoa never makes job offers or asks for bank details through social media. Always verify the authenticity of any recruitment communication directly through our official channels. Alcoa (NYSE: AA, ASX: AAI) is a global industry leader in bauxite, alumina, and aluminum products with a vision to build a legacy of excellence for future generations. With a values-based approach that encompasses integrity, operating excellence, care for people and courageous leadership, our purpose is to Turn Raw Potential into Real Progress. Since developing the process that made aluminum an affordable and vital part of modern life, our talented Alcoans have developed breakthrough innovations and best practices that have led to greater efficiency, safety, sustainability, and stronger communities wherever we operate.
With a history spanning 122 years, Gerdau is Brazil's largest steel producer, one of the leading producers of long steel in the Americas and of special steel in the world. In Brazil, Gerdau also produces flat steel and iron ore for its own use. Gerdau also has a new business division, Gerdau Next, which fosters entrepreneurship in segments adjacent to the steel industry. Guided by its purpose of empowering people who build the future, Gerdau has operations in nine countries and over 30,000 direct and indirect employees. Gerdau is the largest recycling company in Latin America and uses scrap as an important input, with 73% of the steel it produces made from scrap. Every year, Gerdau transforms 11 million tonnes of scrap into a variety of steel products. Gerdau also is the world’s largest charcoal producer, with over 250 hectares of planted forests in the state of Minas Gerais. As a result of its sustainable production matrix, Gerdau currently has one of the industry’s lowest average greenhouse gas emissions (CO₂e), of 0.86t/CO₂e per tonne of steel, which is about half the global industry average of 1.91 t/CO₂e per tonne of steel (worldsteel). By 2031, Gerdau’s target is to reduce its carbon emissions to 0.83 t/CO₂e per tonne of steel. Gerdau’s shares are listed on the São Paulo (B3), New York (NYSE) and Madrid (Latibex) stock exchanges.
Latest updates, reports, and threat intel affecting the global network.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.22 and 4.0.0-RC1 through 4.17.15, an attacker with only a GitHub account can plant a JavaScript payload in a craftcms/cms issue title. When a Craft admin uses the CraftSupport widget’s "Give feedback" screen and types a search term that returns the poisoned issue, the payload executes in the admin’s control panel session. No control panel account or elevated privileges are required on the attacker’s side. This issue has been fixed in versions 4.17.16 and 5.9.23.
Craft CMS is a content management system (CMS). In versions 5.0.0-RC1 through 5.9.21 and 4.0.0-RC1 through 4.17.14, theAssetsController::actionDeleteFolder() only requires the deleteAssets:<volume-uid> permission for the target folder. It never enforces deletePeerAssets:<volume-uid>, even though Assets::deleteFoldersByIds() cascades deletion to every descendant folder and every asset inside, regardless of the uploader's assigned privileges. A low-privilege user who has been granted folder-management rights on a shared volume can therefore destroy assets uploaded by other users (peer assets), bypassing the per-asset peer-permission check that the sibling actionDeleteAsset endpoint correctly applies. This issue has been fixed in versions 4.17.15 and 5.9.22.
Craft CMS is a content management system (CMS). Versions 5.0.0-RC1 through 5.9.20, and 4.0.0-RC1 through 4.17.13 contain an authorization issue in the AssetsController::actionReplaceFile that can delete a source asset without source delete permission by supplying both assetId and sourceAssetId. AssetsController::actionReplaceFile() supports replacing a target asset file using another existing asset as the source. The action loads: assetId -> $assetToReplace and sourceAssetId -> $sourceAsset, then enforces replace permissions using ($assetToReplace ?: $sourceAsset). When both IDs are provided, this expression resolves to the target asset so no permission check is performed against the source asset volume. When both assets are present, Craft copies the source file into the target and then deletes the source asset. There is no deletion check for for the source asset. An authenticated user who can replace files in one volume can delete assets in another volume where they do not have delete permission, as long as they can obtain a sourceAssetId, leading to broken content references and data loss. This issue has been fixed in versions 4.17.14 and 5.9.21.
Description: To issue and renew TLS certificates on behalf of customers, Cloudflare's Universal SSL feature automatically manages the CAA RRset for the customer's zone. This auto-managed RRset is permissive by design (e.g. 'issue "letsencrypt.org"' without parameters). On Universal SSL zones, Cloudflare's authoritative DNS serves this auto-managed RRset at query time, superseding any customer-configured CAA records on the zone. When a customer publishes a stricter CAA record using the RFC 8657 accounturi or validationmethods parameters, the Certificate Authority does not observe those parameters when evaluating the served RRset under RFC 8659. As a result, the RFC 8657 account-binding and validation-method-binding protections are not enforced end-to-end on Universal SSL zones. Successful exploitation could result in issuance of a browser-trusted TLS certificate to an attacker, enabling MITM against the affected domain. Exploitation is non-trivial in practice: an attacker would need to hold an ACME account at one of the Certificate Authorities in the served CAA RRset and to simultaneously satisfy domain control validation across the multiple geographically distinct Network Perspectives the CA relies on for Multi-Perspective Issuance Corroboration. Cloudflare prefixes are anycast-announced from hundreds of locations globally, raising the bar against single-vantage-point BGP hijacks. Any resulting misissuance of a browser-trusted certificate is subject to Certificate Transparency logging required by major browsers, and would be visible to CT monitoring. Mitigation: Customers requiring strict RFC 8657 enforcement need to disable Universal SSL on the affected zone. Universal SSL's automatic CAA management and customer-set RFC 8657 accounturi and validationmethods enforcement are mutually exclusive by the nature of the issue, so there is no in-product workaround that preserves both. Certificate Transparency monitoring is recommended for all customers as a general detection control. Credits: David Osipov (ORCID: https://orcid.org/0009-0005-2713-9242), independent researcher
Out of bounds read and write in Tint in Google Chrome prior to 150.0.7871.46 allowed a remote attacker to potentially perform out of bounds memory access via a crafted HTML page. (Chromium security severity: High)
curl -i -X GET 'https://api.rankiteo.com/underwriter-getcompany-history?
linkedin_id=axa' -H 'apikey: YOUR_API_KEY_HERE'
Every week, Rankiteo analyzes billions of signals to give organizations a sharper, faster view of emerging risks. With deeper, more actionable intelligence at their fingertips, security teams can outpace threat actors, respond instantly to Zero-Day attacks, and dramatically shrink their risk exposure window.
Rankiteo is a unified scoring and risk platform that analyzes billions of signals weekly to help organizations gain faster, more actionable insights into emerging threats. Empowering teams to outpace adversaries and reduce exposure.