Faith-Based Daily Awareness Post 26 November 2025

These updates are shared to help raise the situational awareness of Faith-Based organizations to best defend against and mitigate the impacts from all-hazards threats including physical security, cybersecurity, and natural disasters. 

Man charged after entering mosque armed with AR-15, showing gun to children, officials say

A 29-year-old man has been charged after allegedly entering a mosque in Richland County, South Carolina carrying an AR-15 rifle. On November 9^th, he reportedly walked into the mosque while worshiping was ongoing, and surveillance footage reportedly shows him talking to children and showing them the firearm. The incident was reportedly not reported until November 14^th, causing authorities to initiate efforts to locate him. He eventually turned himself in on November 20^th. The individual has been placed under arrest and two counts of pointing/presenting a firearm. Officials believe this was an isolated incident.

Analyst Comments: This incident highlights ongoing security challenges facing HOWs across the United States. A man entering a mosque with an AR-15 and showing the weapon to children underscores how quickly intimidation can occur even without shots fired and how vulnerable congregants, especially youth, are to targeted threats. While officials labeled the event an isolated case, incidents like this often create lasting fear, disrupt a community’s sense of safety, and can erode trust in public spaces meant to be welcoming and peaceful. It also reinforces the need for proactive security planning: consistent reporting of suspicious behavior, trained greeters or volunteers, clear access-control policies, and cooperation between faith communities and local authorities. At the same time, these threats raise broader questions about balancing safety with inclusivity, since over-securitizing worship spaces can risk making them feel unwelcoming.

Cyberthreats Targeting the 2025 Holiday Season: What CISOs Need to Know

Cybercriminal activity is surging ahead of the 2025 holiday season, with attackers registering thousands of fake holiday- and e-commerce-themed domains to launch phishing scams, fake storefronts, and payment-harvesting schemes. Fortinet reports that more than 1.57 million stolen e-commerce logins are circulating and enabling credential-stuffing and account-takeover attacks. Threat actors are also exploiting newly disclosed vulnerabilities in platforms like Magento, WooCommerce, and Oracle E-Business Suite to conduct payment-page skimming, JavaScript injection, and remote code execution. The rise of automated attack tools, website-cloning services, and AI-driven credential-testing platforms is making these campaigns easier and more scalable. The blog urges businesses to prioritize patching, secure admin access with MFA, monitor for look-alike domains and unauthorized script changes, and strengthen fraud-detection processes, while shoppers should verify URLs, avoid suspicious links, and use secure payment methods.

Analyst Comments: For faith-based communities, which often rely on online giving portals, event registration pages, and seasonal communications, this surge poses added risk: attackers commonly spoof trusted ministries, or charity appeals during the holidays to steal donations or personal information. This report highlights how the holiday season amplifies cyber risk as criminal groups take advantage of increased online shopping, higher transaction volume, and distracted users. Organizations with public-facing services need to treat the weeks ahead as a period of heightened threat by tightening access controls, hardening e-commerce systems, and ensuring rapid monitoring for domain impersonation or payment-page tampering. Regularly verifying domain integrity, educating congregants about phishing, and securing donation platforms with MFA and updated certificates can significantly reduce exposure.