WEST BLOOMFIELD SCHOOL DISTRICT All students will be: • Contributors • Critical thinkers • Communicators • Collaborators …empowering each for life ahead.
Hillsborough County Public Schools is the seventh largest school district in the nation, with more than 210,000 students. More than 50,000 students attend a school through one of the district’s many school choice programs. HCPS is the largest employer in Hillsborough County, with more than 24,000 employees. Due to our commitment to creating mentally healthy workplaces, we are proud recipients of the 2024 Silver Bell Seal for Workplace Mental Health. Dr. Clayton Nylund, a physics and engineering teacher at Blake High School here at HCPS, has been named a 2025 Florida Teacher of the Year finalist! HCPS has more than 270 school sites including 141 K-5 elementary schools, 43 middle schools, 27 high schools, 5 K-8 schools and 47 charter schools. HCPS features many distinct programs, which provide students with unique learning opportunities. Examples of these programs include Magnet, International Baccalaureate, Career and Technical Education, and Advanced Academics, such as Advanced Placement and Dual Enrollment courses.
Security & Compliance Standards Overview
No incidents recorded for West Bloomfield School District in 2025.
No incidents recorded for Hillsborough County Public Schools in 2025.
West Bloomfield School District cyber incidents detection timeline including parent company and subsidiaries
Hillsborough County Public Schools cyber incidents detection timeline including parent company and subsidiaries
MCP Server Kubernetes is an MCP Server that can connect to a Kubernetes cluster and manage it. Prior to 2.9.8, there is a security issue exists in the exec_in_pod tool of the mcp-server-kubernetes MCP Server. The tool accepts user-provided commands in both array and string formats. When a string format is provided, it is passed directly to shell interpretation (sh -c) without input validation, allowing shell metacharacters to be interpreted. This vulnerability can be exploited through direct command injection or indirect prompt injection attacks, where AI agents may execute commands without explicit user intent. This vulnerability is fixed in 2.9.8.
XML external entity (XXE) injection in eyoucms v1.7.1 allows remote attackers to cause a denial of service via crafted body of a POST request.
An issue was discovered in Fanvil x210 V2 2.12.20 allowing unauthenticated attackers on the local network to access administrative functions of the device (e.g. file upload, firmware update, reboot...) via a crafted authentication bypass.
Cal.com is open-source scheduling software. Prior to 5.9.8, A flaw in the login credentials provider allows an attacker to bypass password verification when a TOTP code is provided, potentially gaining unauthorized access to user accounts. This issue exists due to problematic conditional logic in the authentication flow. This vulnerability is fixed in 5.9.8.
Rhino is an open-source implementation of JavaScript written entirely in Java. Prior to 1.8.1, 1.7.15.1, and 1.7.14.1, when an application passed an attacker controlled float poing number into the toFixed() function, it might lead to high CPU consumption and a potential Denial of Service. Small numbers go through this call stack: NativeNumber.numTo > DToA.JS_dtostr > DToA.JS_dtoa > DToA.pow5mult where pow5mult attempts to raise 5 to a ridiculous power. This vulnerability is fixed in 1.8.1, 1.7.15.1, and 1.7.14.1.
