Latest Cybersecurity Threats
Security Threats Are Everywhere
Cybersecurity threats are constantly evolving, putting businesses of all sizes at risk of data breaches, ransomware attacks, and operational disruptions. For organizations in Buffalo, New York, and surrounding areas, staying informed about these threats is not just important—it’s essential. Protecting your data means protecting your business, your clients, and your reputation.
Below you’ll find links to the latest security alerts and vulnerabilities that could impact your business. From newly discovered software exploits to ongoing phishing scams, these insights can help you understand the risks and take proactive measures. In today’s digital age, no organization can afford to overlook cybersecurity. Make sure your defenses are robust and up to date to ensure your data—and your business—stay safe.
View Recent Security Threats
- CVE-2026-29522 - ZwickRoell Test Data Management < 3.0.8 Path Traversal LFI
- CVE-2026-32267 - Craft CMS Vulnerable to Privilege Escalation/Bypass through UsersController- >actionImpersonateWithToken()
- CVE-2026-32263 - Craft CMS vulnerable to behavior injection RCE via EntryTypesController
- CVE-2026-32264 - Craft CMS vulnerable to behavior injection RCE ElementIndexesController and FieldsController
- CVE-2026-30875 - Chamilo LMS: Authenticated RCE via H5P Import
- CVE-2026-30881 - Chamilo LMS: SQL Injection in the statistics AJAX endpoint
- CVE-2026-28430 - Chamilo LMS Vulnerable to Unauthenticated SQL Injection in chamiko-lms model.ajax.php
- CVE-2026-32261 - RCE via SSTI for users with permissions to access the Craft CMS Webhooks plugin
- CVE-2025-69808 - Bareiron P2R3 Out-of-Bounds Memory Access Denial of Service
- CVE-2025-69809 - Bareiron P2R3 Memory Corruption Vulnerability
- CVE-2026-4254 - Tenda AC8 HTTP Endpoint SysToolChangePwd doSystemCmd stack-based overflow
- CVE-2026-27962 - Authlib JWS JWK Header Injection: Signature Verification Bypass
- CVE-2026-28490 - Authlib Vulnerable to JWE RSA1_5 Bleichenbacher Padding Oracle
- CVE-2026-28498 - Authlib: Fail-Open Cryptographic Verification in OIDC Hash Binding
- CVE-2026-23489 - Fields GLPI plugin vulnerable to RCE in dropdown generation
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
- Multiple Vulnerabilities in Mozilla Firefox Could Allow for Arbitrary Code Execution
- Critical Patches Issued for Microsoft Products, March 10, 2026
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
- A Vulnerability in pac4j-jwt (JwtAuthenticator) Could Allow for Authentication Bypass
- Multiple Vulnerabilities in Cisco Products Could Allow for Remote Code Execution
- Multiple Vulnerabilities in Google Android OS Could Allow for Remote Code Execution
- Multiple Vulnerabilities in Cisco Catalyst SD-WAN Products Could Allow for Authentication Bypass
- A Vulnerability in Dell RecoverPoint for Virtual Machines Could Allow for Arbitrary Code Execution
- A Vulnerability in Google Chrome Could Allow for Arbitrary Code Execution
- Multiple Vulnerabilities in Ivanti Endpoint Manager Could Allow for Authentication Bypass
- Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution
- Critical Patches Issued for Microsoft Products, February 10, 2026
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
- Multiple Vulnerabilities in Ivanti Endpoint Manager Mobile Could Allow for Remote Code Execution
- Multiple Vulnerabilities in SolarWinds Web Help Desk Could Allow for Arbitrary Code Execution
- A Vulnerability in Microsoft Office Could Allow for Security Feature Bypass
- A Vulnerability in Cisco Unified Communications Products Could Allow for Remote Code Execution
- Multiple Vulnerabilities in Adobe Products Could Allow for Arbitrary Code Execution
- Multiple Vulnerabilities in Google Chrome Could Allow for Arbitrary Code Execution
- Multiple Vulnerabilities in Fortinet Products Could Allow for Arbitrary Code Execution
- Critical Patches Issued for Microsoft Products, January 13, 2026
- Multiple Vulnerabilities in Mozilla Products Could Allow for Arbitrary Code Execution
- A Vulnerability in WatchGuard Fireware OS Could Allow for Arbitrary Code Execution.
- A Vulnerability in Cisco AsyncOS Could Allow for Remote Code Execution
Secure Your Business Today!
Contact LACyber today to schedule a consultation and take the first step towards building a more secure, resilient digital infrastructure for your business.
Protect Your Business Today
You're just minutes away from securing your sensitive business data and protecting your employees!
"*" indicates required fields
TAKE OUR CYBER SECURITY QUIZ
Take our short quiz to see where your organization’s cyber security policies are keeping you safe.
RECENT THREATS
No feed items found.
OUR TRUSTED PARTNERS
CONTACT YOUR LOCAL WNY DATA PROTECTION EXPERTS TODAY!
Fill out your information to the right and we’ll be in touch to help you secure your business and teams critical data.
155 Great Arrow
Buffalo, NY 14207
United States
Phone: +1 716-325-4740
Email: info@LACyber.com
"*" indicates required fields