Executive Summary In 2026, I privately disclosed multiple high-severity security concerns affecting systems associated with SIPEF Group, a multinational agro-industrial company operating across Southeast Asia, Africa, and Europe. The findings included: a severe Broken Access Control condition affecting the GeoSIPEF sustainability and traceability platform; publicly indexed credential-exposure indicators associated with enterprise authentication environments; indicators potentially consistent with infostealer-related compromise scenarios affecting enterprise identities and sessions; and additional security concerns involving a digital vCard/contact-sharing application associated with the broader enterprise ecosystem. The issues were disclosed privately under responsible disclosure principles.…