This week’s cybersecurity developments underscore the increasing threats facing organizations dedicated to public service—schools, nonprofits, healthcare providers, and local governments. From targeted attacks on educational institutions to sophisticated phishing campaigns exploiting trusted platforms, the digital landscape is full of challenges that demand vigilance and proactive measures. Stay informed with the latest updates to safeguard your organization’s mission and the communities you serve.
Cyberattacks Disrupt Educational Institutions in Georgia and New Mexico
Multiple school districts and a university in New Mexico are grappling with cyberattacks that have disrupted operations for thousands of students. In Georgia, the Coweta County School System reported a cyberattack affecting its 23,000 students across 29 K-12 schools. These incidents highlight the vulnerability of educational institutions to cyber threats, emphasizing the need for robust cybersecurity measures to protect sensitive data and maintain continuity of education.
Read more on The Record
Baltimore City Public Schools Data Breach Affects Over 31,000 Individuals
On February 13, 2025, Baltimore City Public Schools experienced a cybersecurity incident impacting certain IT systems. The breach affected over 31,000 individuals, including students and staff, underscoring the critical importance of securing educational networks and promptly addressing vulnerabilities to protect personal information.
Read more on BleepingComputer
Texas School District Notifies Over 47,000 People of Data Breach
The Alvin Independent School District in Texas has alerted more than 47,000 individuals about a data breach that exposed sensitive personal information. This incident serves as a stark reminder for educational institutions to implement comprehensive cybersecurity strategies and regular audits to safeguard against unauthorized access to personal data.
Read more on Infosecurity Magazine
Iran Claims to Repel Cyberattack on Critical Infrastructure
Iran’s Telecommunication Infrastructure Company reported thwarting one of the most widespread and complex cyberattacks against the country’s infrastructure. While specific details remain undisclosed, the incident highlights the persistent threats to critical infrastructure worldwide.
Read more on SC Media
Fake Security Plugin on WordPress Enables Remote Admin Access
Cybersecurity researchers have identified a malicious campaign targeting WordPress sites through a fake security plugin named “WP-antymalwary-bot.php.” This plugin grants attackers remote admin access, allowing them to maintain control and execute malicious code. Organizations using WordPress should verify the authenticity of plugins and maintain updated security protocols to prevent such intrusions.
Read more on The Hacker News
Large-Scale Phishing Campaign Targets WooCommerce Users
A significant phishing campaign is deceiving WooCommerce users with fake security alerts prompting the download of a “critical patch.” This patch conceals a backdoor, compromising the security of WordPress sites. E-commerce platforms and organizations should exercise caution with unsolicited security notifications and ensure updates are obtained from verified sources.
Read more on Security Affairs
Threat Actor Bypasses SentinelOne EDR to Deploy Ransomware
Security researchers have discovered a method employed by threat actors to bypass SentinelOne’s Endpoint Detection and Response (EDR) system, facilitating the deployment of Babuk ransomware. This technique involves exploiting the agent upgrade process, emphasizing the need for organizations to monitor and secure their cybersecurity tools against sophisticated evasion tactics. If you use SentinelOne, be sure to check the setting mentioned within the article.
Read more on Infosecurity Magazine
Google Fixes Actively Exploited Android Vulnerability
Google’s May 2025 Android update addresses 46 security flaws, including a critical vulnerability (CVE-2025-27363) that has been actively exploited since March. This zero-click vulnerability affects the FreeType library, posing significant risks to Android users. Organizations should ensure that all Android devices are updated promptly to mitigate potential threats.
Read more on The Hacker News
SonicWall SMA100 Vulnerability Exploited in the Wild
A critical vulnerability (CVE-2025-32819) in SonicWall’s SMA100 series has been exploited, allowing attackers to delete the primary SQLite database and reset the system to factory settings. This breach underscores the importance for organizations using SonicWall appliances to apply security patches immediately and review access controls to prevent unauthorized exploitation.
Read more on Help Net Security
Chrome 136 and Firefox 138 Patch High-Severity Vulnerabilities
The latest releases of Chrome 136 and Firefox 138 address multiple high-severity vulnerabilities that could be exploited by attackers to compromise user systems. Organizations should ensure that all browsers are updated to the latest versions to maintain security and protect against potential exploits.
Read more on SecurityWeek
HopeNet reviews a variety of security news sources so you do not have to! This list is curated specifically for churches, nonprofits, and other Organizations of Hope. The headlines and our added comments are meant to provide enough to get an overview of recent happenings, but links are also provided for readers that want to explore certain topics deeper.
If this was shared with you and you would like to receive a copy directly to your email, please sign up for this FREE newsletter at HopeNetCISO.com. Also, check out the Services section of our site for ways we can help! Thanks for reading!
Leave a Reply
You must be logged in to post a comment.