None
At BDO, our success is measured by what we achieve together. As a leading provider of audit, tax, and advisory services, we put people first cultivating a conscious, caring corporate culture that empowers our professionals and clients to thrive. Our commitment to excellence drives us to deliver innovative solutions, actionable insights, and trusted guidance for middle market businesses and global organizations. We help clients navigate complex financial, regulatory, and operational challenges, unlocking growth and value at every stage. By fostering a collaborative environment, we support the development of our people, the success of our clients, and the betterment of our communities. BDO’s insight-driven perspectives and tailored assurance, tax, and consulting services enable companies to move beyond business as usual—achieving exceptional outcomes. BDO is the brand name for the BDO network and each of its independent member firms. BDO USA, P.C., a Virginia professional corporation, is the U.S. member of BDO International Limited, a global network of trusted advisors dedicated to helping businesses succeed.
Security & Compliance Standards Overview
No incidents recorded for Andrew Lundholm CPA in 2026.
No incidents recorded for BDO USA in 2026.
Andrew Lundholm CPA cyber incidents detection timeline including parent company and subsidiaries
BDO USA cyber incidents detection timeline including parent company and subsidiaries
Hirschmann EagleSDV version 05.4.01 prior to 05.4.02 contains a denial-of-service vulnerability that causes the device to crash during session establishment when using TLS 1.0 or TLS 1.1. Attackers can trigger a crash by initiating TLS connections with these protocol versions to disrupt service availability.
The stored API keys in temporary browser client is not marked as protected allowing for JavScript console or other errors to allow for extraction of the encryption credentials.
XSS vulnerability in cveInterface.js allows for inject HTML to be passed to display, as cveInterface trusts input from CVE API services
Multiple reflected cross-site scripting (XSS) vulnerabilities in the login.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda and red_url parameters.
A reflected cross-site scripting (XSS) vulnerability in the login_newpwd.php endpoint of Interzen Consulting S.r.l ZenShare Suite v17.0 allows attackers to execute arbitrary Javascript in the context of the user's browser via a crafted URL injected into the codice_azienda parameter.
