Nigeria Meta Fine, TikTok Breach, MTN Cyber Incident & More
Plus, MITRE Launches D3FEND CAD tool & 159 CVEs exploited in Q1 2025.
Dear subscriber, welcome to this week’s edition of the Top Tech Security Brief:
In this week's Industry News, we cover MITRE’s launch of the D3FEND CAD tool for advanced cybersecurity modeling, WhatsApp’s introduction of Advanced Chat Privacy to enhance user data protection, and a surge in CVEs exploited in Q1 2025. We also report on a possible TikTok breach exposing user credentials and the continued rise of ransomware in data breaches. The FBI seeks public assistance in locating the Salt Typhoon hackers involved in major telecom breaches.
Our African Stories highlight Meta’s $220 million fine in Nigeria, a cybersecurity incident at MTN Group, and a rise in fraud cases reported by the Bank of Ghana. We also cover Zambia’s new cyber law, which has raised concerns, and a warning from the UN about the expansion of Asian crime syndicates into Africa.
In the Threats and Vulnerabilities section, we discuss critical vulnerabilities in HPE Performance Cluster Manager, Rack Ruby server, Infodraw Media Relay Service, Craft CMS, SAP NetWeaver, and Active! Mail. These flaws expose organizations to significant risks, and we advise immediate patching to prevent exploitation.
Let’s dive in!
Industry News
MITRE Launches D3FEND CAD Tool for Advanced Cybersecurity Modeling: MITRE's new Cyber Attack-Defense (CAD) tool, part of the D3FEND 1.0 release, enables structured cybersecurity scenario creation. The tool leverages D3FEND's ontology, enhancing threat modeling, defense strategy, and collaboration among security teams.
Advanced Chat Privacy Introduced in WhatsApp to Strengthen User Data Protection: WhatsApp introduced a new privacy setting, Advanced Chat Privacy, to limit message sharing, media downloads, and AI use. This update enhances user control and strengthens privacy in group chats, especially for sensitive conversations.
159 CVEs Exploited in the Wild in Q1 2025: In the first quarter of 2025, 159 CVEs were exploited, marking an increase from 151 in Q4 2024. Content management systems were most targeted, with 45 vulnerabilities exploited within a day of disclosure.
Hackers Allegedly Breach TikTok, Exposing Over 900,000 Usernames & Passwords: Hacker group R00TK1T claims to have breached TikTok, leaking credentials of 927,000 users. TikTok has not confirmed the breach. Experts advise users to change passwords, enable two-factor authentication, and monitor accounts for suspicious activity.
Ransomware Involved in 44% of Data Breaches in 2024: Verizon’s 2025 DBIR found ransomware involved in 44% of breaches across 22,000 incidents analyzed. 64% of victims refused ransom payments, and median ransom amounts dropped to $115,000. Small and medium-sized businesses remain disproportionately targeted, with ransomware present in 88% of their breaches.
FBI Seeks Public Help on the Whereabouts of Salt Typhoon: The FBI has requested public assistance to identify Salt Typhoon hackers responsible for major breaches of U.S. telecom networks. Attackers accessed private communications and sensitive law enforcement data. A $10 million reward is offered for information. Salt Typhoon continues targeting global telecom providers using Cisco device vulnerabilities.
African Stories
Meta's $220 Million Fine Upheld by Nigeria: Nigeria’s FCCPC has reaffirmed a $220 million fine against Meta for violating data protection and competition laws. Meta must halt unauthorized data sharing, restore user consent options, and submit a compliance report by July 1, 2025.
MTN Group Hit by Cybersecurity Incident: MTN Group disclosed unauthorized access to customer data in certain markets but confirmed its core systems remain secure. Authorities have been notified, and affected customers are also being informed as investigations into the incident continue.
Bank of Ghana Reports 5% Rise in Fraud Cases for 2024: Fraud cases across banks, SDIs, and PSPs rose to 16,733 in 2024 — a 5% increase — with GH¢99 million at risk. Staff involvement also increased by 33%, while recovery of stolen funds remained low at only 4%, prompting stronger regulatory directives.
Zambia’s New Cyber Law Triggers US Embassy Alert and Public Concern: The US embassy in Zambia issued a security alert over a new cyber law permitting broad interception of digital communications. Zambia’s government defends the law, but critics warn it threatens civil liberties and free expression.
Asian Crime Syndicates Expanding to Africa, UN Warns: The UN reported that Asian crime syndicates running multibillion-dollar cyber scams are expanding operations to Africa, particularly Zambia, Angola, and Namibia. These groups exploit trafficked workers and increasingly collaborate with local criminal networks worldwide.
Zambia’s Cyber Laws Face Legal Challenge Over Rights Violations: The Law Association of Zambia (LAZ) warned that Zambia’s new Cyber Security and Cyber Crimes Acts threaten constitutional rights, free press, and democracy. The Association criticized vague legal definitions and executive control over cybersecurity enforcement.
Threats and Vulnerabilities
Critical Authentication Bypass Vulnerability in HPE Performance Cluster Manager: A severe vulnerability (CVE-2025-27086) in HPE Performance Cluster Manager (HPCM) allows remote authentication bypass, affecting versions up to 1.12. Exploitation grants unauthorized access to critical computing resources. HPE released a patch in version 1.13 and provided a temporary mitigation for affected users.
Critical Security Flaws Exposed in Rack Ruby Server and Infodraw Media Relay Service: OPSWAT researchers disclosed three vulnerabilities in the Rack Ruby server, including CVE-2025-27610, enabling unauthorized file access. Separately, a critical unpatched flaw in Infodraw Media Relay Service (CVE-2025-43928) allows unauthenticated file reading and deletion. Immediate mitigation is strongly advised to prevent exploitation.
Zero-Day Exploits in Craft CMS Lead to Data Breach and Server Compromise: CERT Orange Cyberdefense reported two chained zero-day vulnerabilities (CVE-2025-32432 and CVE-2024-58136) in Craft CMS, allowing remote code execution and data theft. The attack exploited both flaws to breach servers and upload malicious file managers. Patches were released, and admins are advised to take immediate action to secure systems.
New Vulnerability in SAP NetWeaver Exploited for Remote File Uploads and Web Shells: A new vulnerability in SAP NetWeaver allows attackers to upload JSP web shells, enabling unauthorized file uploads and remote code execution. The flaw, tracked as CVE-2025-31324, affects the "/developmentserver/metadatauploader" endpoint, impacting government agencies and enterprises.
Active! Mail Zero-Day RCE Vulnerability Exploited in Japan: A critical stack-based buffer overflow vulnerability (CVE-2025-42599) in Active! Mail is being actively exploited in Japan. The flaw allows remote code execution, affecting over 2,250 organizations, including universities and government agencies.
Reports
Upcoming Events in Africa
Africa CyberFest 2025 - 31st May, 2025 (Nigeria)
BFSI Security Summit 2025 - 7th May, 2025 (South Africa)
IDC South Africa CIO Summit 2025 - May 13th, 2025 (South Africa)
Cyber Africa Forum 2025 - June 24-25, 2025 (Benin)
Thank you for being a part of this community. Stay safe, stay informed!