Over 16,000 Fortinet Devices Compromised, Kenyan Hacker Arrested in $378K Heist, CISA's MITRE Contract Extension and More.
Plus NIST drafts updated privacy framework, Zambia’s New Cyber Law, and ClickFix Tactics.
Dear subscriber, welcome to this week’s edition of the Top Tech Security Brief:
In the Industry News section, CISA has extended MITRE's CVE Program contract into 2026, securing continuity amid funding concerns. Microsoft reported a record 1,360 vulnerabilities in 2024. Apple, Samsung, and 4chan faced critical security issues, while NIST proposed updates to its Privacy Framework to address AI-related risks.
Our African Stories highlight key developments—Zimbabwe’s IMEI registration push sparks surveillance concerns, Kenya arrests a suspect in a $378K cyber heist, Zambia’s new cyber law triggers U.S. alerts, and Namibia launches NAM-CSIRT to bolster national cyber resilience.
In Threats and Vulnerabilities, the emergence of ResolverRAT targets healthcare, while nation-state actors weaponize the ClickFix tactic. CISA flags active NTLM exploitations, and critical flaws in Fortinet, Cisco Webex, and Erlang SSH stack call for immediate remediation.
Lastly, don’t miss our roundup of top African cybersecurity events, including CyberFest Nigeria and the Cyber Africa Forum in Benin.
Let’s dive in!
Industry News
CISA Extends MITRE’s CVE Contract for 11 Months: CISA has extended MITRE’s contract to run the CVE Program through March 2026, avoiding service disruptions amid funding concerns. A new CVE Foundation was also formed to ensure long-term sustainability and global trust. Read more
Microsoft Recorded 1,360 Vulnerabilities in 2024, an All-Time High: Microsoft reported 1,360 vulnerabilities in 2024, the highest ever, driven by product complexity and attacker sophistication. Windows Server and Edge were most impacted, with Edge showing an 800% rise in critical flaws. Elevation of Privilege (EoP) accounted for 40% of all vulnerabilities, underlining systemic risks. Read more
Apple Released Patches for Two Vulnerabilities: Apple released out-of-band updates to fix two critical security vulnerabilities (CVE-2025-31200 and CVE-2025-31201) affecting iOS, iPadOS, and macOS. Read more
Samsung Confirmed Password Security Warning For All Galaxy Users: Samsung Galaxy phones expose a serious password risk due to clipboard history saving data in plain text. Users are advised to stop copying passwords into the clipboard and clear history regularly. Samsung confirmed the issue, but no immediate fix is available. Read more
4chan Got Hacked: 4chan was hacked, exposing backend data, source code, and moderator identities. A hacker reportedly accessed the system for over a year. Leaked data includes 4chan Pass subscriber details, raising serious privacy and security concerns. Read more
NIST Drafts Updated Privacy Framework 1.1 to Address Evolving Privacy and AI Risks: The National Institute of Standards and Technology (NIST) has released a draft of the updated Privacy Framework 1.1, addressing current privacy risk management needs. Key updates include revisions to the Core structure, a new section on AI and privacy risks, and relocation of usage guidelines to an interactive FAQ online. Read more
African Stories
Zimbabwe Wants IMEI Data, Citizens Fear Surveillance: Zimbabwe's telecom regulator, POTRAZ, proposes a central database to register all citizens' mobile devices using IMEI numbers, citing efforts to curb cybercrime. However, critics claim the initiative is politically motivated and aimed at surveillance and control. Read more
Kenyan Hacker Linked to $378K JamboPay Heist Arrested: Kenyan police arrested 26-year-old Joseph Momanyi for a $378,000 cyberattack on JamboPay, involving account manipulation, fake identities, and money laundering through M-Pesa wallets and banks. Investigations and detainment are ongoing. Read more
Zambia’s New Cyber Law Triggers US Embassy Alert and Public Concern: The U.S. Embassy in Zambia has warned citizens about the country’s new cyber law enabling broad digital surveillance. Critics fear it threatens civil liberties, while authorities claim it's vital for national security and crime prevention. Read more
Namibia Launches NAM-CSIRT to Bolster National Cyber Resilience: Namibia has launched NAM-CSIRT to strengthen its cyber defenses. The unit will protect critical infrastructure, businesses, and citizens, with N$20 million in funding committed. Officials stress collaboration and vigilance amid rising cyber threats. Read more
Threats and Vulnerabilities
New ‘ResolverRAT’ Malware Targets Healthcare and Pharmaceutical Organizations Worldwide: Morphisec discovered ResolverRAT, a stealthy .NET-based malware targeting global healthcare and pharmaceutical sectors using memory-only execution and phishing. It employs DLL side-loading, runtime obfuscation, and encrypted C2 communication, evading detection and reflecting evolving malware sophistication. Read more
State-Sponsored Hackers Weaponize ClickFix Tactic in Targeted Malware Campaigns: State-sponsored hackers from North Korea, Iran, and Russia used the ClickFix tactic in phishing campaigns to deploy malware between late 2024 and early 2025. ClickFix involves tricking users into manually executing malicious commands on their devices. Proofpoint linked the technique to TA427, TA450, TA422 and UNK_RemoteRogue targeting defense, government, and think tank sectors. Read more
Critical SSH Flaw in Erlang/OTP Threatens High-Availability Systems: A critical vulnerability (CVE-2025-32433) in Erlang/OTP's SSH library may enable full device takeover via unauthenticated SSH messages. Researchers warn it affects systems in banking, IoT, and telecom, with exploitation risks including data theft and ransomware. Patches are now available. Read more
Active Exploitation of Windows NTLM Spoofing Flaw Tracked by CISA: CISA added a medium-severity NTLM hash disclosure vulnerability (CVE-2025-24054) to its KEV catalog following reports of active exploitation. The flaw, addressed in Microsoft's March Patch Tuesday updates, allows attackers to leak NTLM hashes with minimal user interaction. Read more
Over 16,000 Fortinet Devices Compromised via New Symlink Backdoor: Over 16,000 FortiGate devices remain compromised through a symbolic-link backdoor that grants persistent read-only access to the device file system. Fortinet confirmed that threat actors who had exploited past vulnerabilities used the symlink to keep this access even after the original flaws were patched. Read more
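The Fortinet item above is a reminder that patching a vulnerability does not remove persistence an attacker planted before the patch. A generic defender-side check for this class of problem is to audit a served directory tree for symbolic links whose targets resolve outside that tree. The following is an added example, not Fortinet's tooling or anything from the newsletter: it builds a small constructed directory layout (a web root with one benign internal link and one link escaping to a config file outside the root) and reports the escaping link. The directory names and file contents are made up for the demonstration.

```python
import os
import tempfile
from pathlib import Path


def find_escaping_symlinks(root):
    """Return (link_path, link_target) for every symlink under `root`
    whose resolved target lies outside `root`.

    Symlinks pointing inside the tree are considered benign; dangling
    links (target cannot be resolved) are reported as well, since they
    still warrant a look."""
    root = Path(root).resolve()
    findings = []
    # os.walk does not follow symlinked directories by default, so a
    # link to a directory shows up in `dirnames` but is not descended into.
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            link = Path(dirpath) / name
            if not link.is_symlink():
                continue
            try:
                target = link.resolve(strict=True)
            except (OSError, RuntimeError):
                target = None  # dangling or looping link
            inside = target is not None and (target == root or root in target.parents)
            if not inside:
                findings.append((str(link), os.readlink(link)))
    return findings


def build_demo_tree():
    """Constructed sample layout (hypothetical names, not from any product):

    <tmp>/webroot/static/index.html      regular file
    <tmp>/webroot/static/alias.html      symlink -> index.html (benign, stays inside)
    <tmp>/webroot/static/lang            symlink -> <tmp>/etc (escapes the web root)
    <tmp>/etc/config.conf                file that should never be reachable via webroot
    """
    base = Path(tempfile.mkdtemp())
    webroot = base / "webroot"
    static = webroot / "static"
    static.mkdir(parents=True)
    (static / "index.html").write_text("<html>ok</html>")

    outside = base / "etc"
    outside.mkdir()
    (outside / "config.conf").write_text("constructed sample config")

    os.symlink(static / "index.html", static / "alias.html")  # benign
    os.symlink(outside, static / "lang")                      # escapes root
    return webroot


if __name__ == "__main__":
    for link, target in find_escaping_symlinks(build_demo_tree()):
        print(f"symlink escapes served tree: {link} -> {target}")
```

Run it against a real served directory by passing that path to `find_escaping_symlinks`; any hit is something to explain, since a link that reaches outside the tree can expose files the web server was never meant to serve.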
Cisco Fixes Critical Webex Flaw Enabling Remote Code Execution via Invite Links: Cisco patched CVE-2025-20236, a high-severity Webex flaw enabling unauthenticated remote code execution via crafted meeting invite links. The bug affects all platforms, has no workaround, and requires immediate software updates to mitigate risks. Read more
Upcoming Events in Africa
Africa CyberFest 2025 - 2-3 May 2025 (Nigeria)
BFSI Security Summit 2025 - 7 May 2025 (South Africa)
IDC South Africa CIO Summit 2025 - 13 May 2025 (South Africa)
Cyber Africa Forum 2025 - 24-25 June 2025 (Benin)
Check out the full list here.
Found this newsletter valuable?
Share this newsletter with your leadership teams, security professionals, and strategic partners.
Sharing enhances awareness, fosters collaboration, and strengthens the cybersecurity posture across the digital ecosystem.
Together, we can shape a safer, smarter cyber environment.
Thank you for being a part of this community. Stay safe, stay informed!