HopeNet Cyber Bits – 11.18.2025 – HopeNet CISO Services

In today’s roundup, we highlight a fresh wave of cyber-risk indicators for small organizations: how a major university was phished, a popular delivery app exposed location details, and the leading web security guideline just expanded to include new categories.

Princeton University Data Breach Impacts Alumni, Students, Employees

Hackers accessed an advancement database at Princeton University containing names, addresses, email addresses and phone numbers of alumni, donors, students, parents and faculty. According to the university the breach stemmed from a phishing attack on November 10 targeting an employee with ordinary access; systems were contained within 24 hours, and no passwords or Social Security numbers appear to have been compromised.
🔗 Read more on SecurityWeek

DoorDash Confirms Data Breach Impacting Users’ Phone Numbers and Physical Addresses

DoorDash has confirmed a breach in which an unspecified number of users—including customers, delivery workers and merchants—had their names, email addresses, phone numbers and physical addresses accessed by an unauthorized third party. The company says no Social Security numbers, driver’s licences, bank or payment card info were taken, and they have no indication yet of fraud or identity theft.
🔗 Read more on TechCrunch

Two New Web Application Risk Categories Added to OWASP Top 10

The OWASP Top 10 list of the most critical web-application security risks has been updated in its 2025 draft: two new categories — Software Supply Chain Failures and Mishandling of Exceptional Conditions — have been added, and the ordering of risk categories has been revised. Specifically, “software supply chain failures” expands the prior “vulnerable and outdated components” category to cover broader ecosystem dependencies.
🔗 Read more on SecurityWeek

HopeNet ( HopeNetCISO.com ) reviews a variety of security news sources so you do not have to! This list is curated specifically for churches, nonprofits, and other Organizations of Hope. If this was shared with you and you would like to receive a copy directly to your email, please subscribe at HopeNetCISO.com. Thanks for reading!