Beverly Hills Unified School District (BHUSD) Proudly serving the Beverly Hills community, BHUSD is committed to Educational Excellence. Through rigorous academics, arts, and athletics, we empower students to thrive with integrity in a complex, changing world.
KUSD believes all students will have an equal opportunity to prepare for college and/or careers with the support of highly qualified educators in a learning environment that is resource rich, safe, and welcoming. The Kenosha Unified School District was created in 1967. The District includes the City of Kenosha, Village of Pleasant Prairie, and Town and Village of Somers. While it is called the Kenosha Unified School District, it is actually a common school district and holds an annual meeting of electors.
Security & Compliance Standards Overview
No incidents recorded for Beverly Hills Unified School District in 2025.
No incidents recorded for Kenosha Unified School District in 2025.
Beverly Hills Unified School District cyber incidents detection timeline including parent company and subsidiaries
Kenosha Unified School District cyber incidents detection timeline including parent company and subsidiaries
Cursor is a code editor built for programming with AI. In versions 1.7.44 and below, various NTFS path quirks allow a prompt injection attacker to circumvent sensitive file protections and overwrite files which Cursor requires human approval to overwrite. Modification of some of the protected files can lead to RCE. Must be chained with a prompt injection or malicious model attach. Only affects systems supporting NTFS. This issue is fixed in version 2.0.
Cursor is a code editor built for programming with AI. In versions 1.7.52 and below, manipulating internal settings may lead to RCE. Cursor detects path manipulation via forward slashes (./.cursor/./././././mcp.json etc.), and requires human approval to complete the operation. However, the same kind of manipulation using backslashes was not correctly detected, allowing an attacker who had already achieved prompt injection or some other level of control to overwrite sensitive editor files without approval on Windows machines. This issue is fixed in version 2.0.
Cursor is a code editor built for programming with AI. In versions 1.7.28 and below, an input validation flaw in Cursor's MCP server installation enables specially crafted deep-links to bypass the standard security warnings and conceal executed commands from users if they choose to accept the server. If an attacker is able to convince a victim to navigate to a malicious deeplink, the victim will not see the correct speedbump modal, and if they choose to accept, will execute commands specified by the attackers deeplink.
LinkAce is a self-hosted archive to collect website links. In versions 2.3.1 and below, the social media sharing functionality contains a Stored Cross-Site Scripting (XSS) vulnerability that allows any authenticated user to inject arbitrary JavaScript by creating a link with malicious HTML in the title field. When a user views the link details page and the shareable links are rendered, the malicious JavaScript executes in their browser. This vulnerability affects multiple sharing services and can be exploited to steal session cookies, perform actions on behalf of users, or deliver malware. This issue is fixed in version 2.4.0.
CVE-2025-59596 is a denial-of-service vulnerability in Secure Access Windows client versions 12.0 to 14.10 that is addressed in version 14.12. If a local networking policy is active, attackers on an adjacent network may be able to send a crafted packet and cause the client system to crash.
