Faith-Based Daily Awareness Post 21 July 2025

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters. 

16-year-old charged with plotting terror attack at suburban Islamic center

A teenager from west Chicago suburban Lombard was charged with plotting to attack an Islamic center in nearby Glendale Heights by detonating an explosive device, according to authorities. Court records revealed the teenager entered the Islamic Education Center and video recorded religious services to assist in preparing for detonating an explosive device earlier this month.

“This is very frightening,” stated William Asfour, operations coordinator with the Council on Islamic Relations. “It’s sad to see that mosques and places of worship continue to be targeted. We condemn this 100%, and I’m happy local authorities were able to stop it before it happened.”

Analyst Comments: Andrew S. Boutros, United States Attorney for the Northern District of Illinois, said in a statement, “Through incredible law enforcement effort and coordination, a violent terrorist attack on American soil was thwarted.” Coordination and information sharing are critical elements to stopping potential terrorist attacks. As noted in the Hostile Event Attack Cycle, surveillance is an important part of the planning phase of any attack, and in post-incident analysis we often see evidence of attackers surveying the future site of their attacks. Both security teams and communities at large are encouraged to maintain situational awareness and report suspicious activity to local authorities.

Duty to Warn Notification: Florida Veterans

Last week the US Army Special Operations Command issued a “Duty to Warn Notification” regarding a potential terrorist threat “targeting retired senior officials who previously served in the Department of Defense with roles in Syria/Iraq theater.” The focus of the threat is specifically noted as Florida, but should be considered more broadly.

Analyst Comments: As many HOWs security teams may utilize personnel with military backgrounds, those individuals, particularly those residing in Florida are encouraged to operate under a heightened state of awareness. Veterans, particularly those who hold publicly visible roles in the targeted area of Florida, an encouraged to review CISA’s Personal Security Considerations Action Guide and report suspicious activity to local authorities.

Microsoft issues customer guidance for SharePoint vulnerability CVE-2025-53770

Microsoft is aware of active attacks targeting on-premises SharePoint Server customers. The attacks are exploiting a variant of CVE-2025-49706. This vulnerability has been assigned CVE-2025-53770. SharePoint Online in Microsoft 365 is not impacted. A patch is currently not available for this vulnerability.

Hackers exploited a major security flaw in widely used Microsoft server software to launch a global attack on government agencies and businesses in the past few days, breaching U.S. federal and state agencies, universities, energy companies and an Asian telecommunications company, according to state officials and private researchers.

Analyst Comments: Mitigations and detections are provided within the linked guidance. The Microsoft team is actively working to release a security update and will provide additional details as they are available.