Rankiteo Logo
Rankiteo
Leader in Cyber Underwriting
Loading...
NEWRankiteo Cyber Underwriting Desktop - Score, price, and bind from your desktop
WindowsmacOSLinux
Download
Northstar Tutoring

Northstar Tutoring Vendor Cyber Rating & Cyber Score

northstartutoring.org

Northstar Tutoring provides free, year round services for low-income students living in Washington, D.C. Northstar Tutoring is a unique mix of tutoring and mentoring for low-income families in Washington, D.C. Partnering with families, educators and volunteers, Northstar has spent almost 30 years providing twice weekly tutoring and regular mentoring activities to some of D.C.’s most under-served students.


Northstar Tutoring A.I CyberSecurity Scoring

Northstar Tutoring
Company Information
Website:https://www.northstartutoring.org/
Employees number:11
Number of followers:126
NAICS:8135
Industry Type:Non-profit Organizations
Homepage:northstartutoring.org
Northstar Tutoring Risk Score (AI oriented)
Between 700 and 749
logo
Northstar TutoringNon-profit Organizations
Updated:
14/07/2026
736/1000
Moderate
Ba
AaaAaABaaBaBCaaCaC
Powered by our proprietary A.I cyber incident model
Insurance prefers TPRM score to calculate premium
Northstar Tutoring Global Score (TPRM)
xxxx
logo
Northstar TutoringNon-profit Organizations
•••
Score locked
Instant access to detailed risk factors
Vulnerabilities
Benchmark vs. industry & size peers
Findings

Northstar Tutoring
Northstar TutoringModerate
Current Score
736Ba (MODERATE)
01000
1 incidents
-27 avg impact
Incident timeline with MITRE ATT&CK tactics, techniques, and mitigations.
JULY 2026
736Before Incident
JUNE 2026
736Before Incident
MAY 2026
762Before Incident
Cyber Attack
27 May 2026Northstar Tutoring
npm and Northstar Tutoring: 150+ npm Packages Promises Wi-Fi Bypass Students Using Their Systems for DDoS Attack

Malicious npm Packages Disguised as School Wi-Fi Bypass Tools Hijack Browsers for DDoS Attacks

735After Incident
HIGH-27
NORNPM1784025857
Malicious npm Packages Disguised as School Wi-Fi Bypass Tools Hijack Browsers for DDoS Attacks Researchers from JFrog and SafeDep uncovered a campaign involving nearly 150 malicious npm packages masquerading as legitimate school Wi-Fi bypass tools. The packages, branded under names like Lucide Proxy, Riverbend Tutoring, and Northstar Tutoring, promised students access to blocked websites and games while covertly loading harmful code in the background. Unlike traditional npm-based attacks that infect developers during installation, these packages functioned as delivery mechanisms for browser-based proxy pages. Visitors to the hosted sites were exposed to popunder ads, tracking scripts, and during a key period in late May traffic-flooding code designed to turn browsers into unwitting participants in DDoS attacks. The campaign operated in waves, with the first detected on May 27 and a second on July 8, bringing the total to 148 packages. While many were removed, some remained available at the time of disclosure. The attack leveraged npm’s infrastructure to distribute static web assets, then dynamically altered functionality via external scripts after visitors loaded the pages. ### How the Attack Worked The proxy services appeared to work as advertised, routing traffic to bypass restrictions while silently executing additional code. A service worker intercepted navigation events and injected scripts that: - Generated popunder ads after user interaction. - Loaded remote JavaScript from a mutable GitHub branch, allowing operators to update malicious payloads without republishing npm packages. - Flooded targets with traffic, including repeated large POST requests to an education-related site, capable of generating ~2 MB of upload traffic per second per browser. A thousand active users could produce ~2 GB/s, enough to disrupt services. - Abused WebSocket connections, rapidly opening and closing links to strain server resources. The remote loader and DDoS components were later removed, but the ability to fetch live scripts from external sources remained a persistent risk. ### Impact and Detection Challenges The campaign’s design made it difficult to detect and mitigate: - Victims weren’t limited to developers anyone visiting the proxy pages, including students, could unknowingly contribute browser resources. - Takedowns were hindered by the use of multiple package names and hosting locations. - Endpoint security tools focused on package installation might miss infections, as the malicious code executed post-page load. Security teams are advised to block the identified infrastructure domains, review web filtering logs for visits to tutoring-themed proxy pages, and monitor for unusual browser upload activity. Indicators of compromise (IoCs) include domains like whatsadmaidk[.]com, changiairportpromax[.]com, and IP addresses such as 92.38.177.17 and 53.75.225.178, along with specific file hashes and URLs tied to the campaign.
INCIDENT DETAILS -
TYPE
Supply Chain Attack, DDoS Attack
MOTIVATION
Financial gain (ad revenue), Disruption (DDoS attacks)
IMPACT
Systems Affected: Browsers of visitors to proxy pages, Web servers targeted by DDoSOperational Impact: Potential disruption of targeted services due to DDoS attacksBrand Reputation Impact: Potential reputational damage to affected entities due to association with malicious activity
APRIL 2026
762Before Incident
MARCH 2026
762Before Incident
FEBRUARY 2026
762Before Incident
JANUARY 2026
762Before Incident
DECEMBER 2025
762Before Incident
NOVEMBER 2025
762Before Incident
OCTOBER 2025
762Before Incident
SEPTEMBER 2025
762Before Incident
AUGUST 2025
762Before Incident

Frequently Asked Questions

?
What is the current A.I Rankiteo Cyber Score for Northstar Tutoring ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in June 2026 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in May 2026 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in April 2026 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in March 2026 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in February 2026 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in January 2026 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in December 2025 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in November 2025 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in October 2025 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in September 2025 ?
?
What was Northstar Tutoring's A.I Rankiteo Cyber Score in August 2025 ?
?
What is the average per-incident point impact on Northstar Tutoring's A.I Rankiteo Cyber Score over the past 12 months ?
?
Where can I access detailed records of all cyber incidents associated with Northstar Tutoring ?
?
Where can I find a summary of the A.I Rankiteo Risk Scoring methodology ?
?
Where can I view Northstar Tutoring's profile page on Rankiteo ?
?
How accurate is the A.I Rankiteo Risk Scoring methodology ?