Navigating the Cybersecurity Maze: Privacy, Patching, and Preparedness

The cybersecurity landscape continues to evolve as threats target critical infrastructure, healthcare, and nonprofit services. From phishing at state health departments to solar power system exposures, the need for proactive security has never been more urgent. This week’s update highlights pressing developments and emerging tools designed to safeguard your organization and those you serve.


New COPPA Rules Reignite Focus on Children’s Data Privacy

Proposed updates to the Children’s Online Privacy Protection Act (COPPA) aim to close gaps in how children’s data is collected, used, and shared. Organizations serving youth or operating educational platforms should track these changes closely, as enforcement may soon impact compliance requirements.
Read more on Dark Reading


NIST Releases 19 Recommendations for Building Zero Trust Architectures

The National Institute of Standards and Technology (NIST) has released detailed guidance on implementing zero trust frameworks. These 19 recommendations help organizations—especially nonprofits and public institutions—modernize their cybersecurity posture without disrupting operations.
Read more on NIST


Zero Trust, But What About Devices?

Unmanaged devices and BYOD do have benefits, but those come with risk. As nonprofits and service organizations expand hybrid workforces, securing every endpoint becomes crucial. Failure to address this blind spot leaves networks vulnerable to insider threats and remote exploits.
Read more on SecurityWeek


OWASP Nettacker: Open Source Scanner to Boost Security Awareness

OWASP has released Nettacker, an open-source tool that helps organizations test their own systems for vulnerabilities. This easy-to-use scanner empowers smaller IT teams—like those in nonprofits or local government—to identify weaknesses before attackers do. OWASP is a respected organization, so it is worth a look if you have a need.
Read more on Help Net Security


Illinois Health Department Hit by Phishing Attack

The Illinois Department of Public Health experienced a phishing attack that compromised personal data. As a reminder, public health agencies and nonprofits handling sensitive information must remain vigilant with user training and email filtering tools.
Read more on StateScoop


Cyberattack Impacts United Natural Foods Operations

United Natural Foods, a major food distribution company, reported a cybersecurity incident that disrupted operations. This serves as a wake-up call for food banks and partner organizations relying on these suppliers to evaluate contingency plans and supply chain risks.
Read more on Dark Reading


35,000 Solar Power Systems Found Exposed Online

Tens of thousands of solar energy systems were discovered to be accessible via the internet without sufficient security protections. For nonprofits and municipalities investing in sustainable energy, this is a critical reminder to ensure proper cybersecurity configurations from installation through maintenance.
Read more on SecurityWeek


Fortinet and Ivanti Patch High-Severity Vulnerabilities

Security vendors Fortinet and Ivanti have patched multiple high-severity vulnerabilities affecting core infrastructure. Nonprofits and agencies using these products should apply patches immediately to prevent exploit attempts.
Read more on SecurityWeek


Android Devices Receive Over 30 Security Fixes

Google’s latest Android update includes patches for over 30 vulnerabilities. Organizations with BYOD (bring-your-own-device) policies should urge staff to update their devices to protect sensitive communications and data.
Read more on SecurityWeek


Palo Alto Networks Addresses Privilege Escalation Bugs

Palo Alto Networks released updates fixing privilege escalation flaws that could let attackers gain elevated access. For IT teams in resource-limited environments, timely patching of firewalls and network gear is essential to reducing exposure.
Read more on SecurityWeek


HopeNet reviews a variety of security news sources so you don’t have to! This list is curated specifically for churches, nonprofits, and other Organizations of Hope. The headlines and our added comments are meant to give an overview of recent happenings, and links are provided for readers who want to explore certain topics in more depth.

If this was shared with you and you would like to receive a copy directly to your email, please sign up for this FREE newsletter at HopeNetCISO.com. Also, check out the Services section of our site for ways we can help! Thanks for reading!