EXPLOITATION OF NEW ZERO-DAY VULNERABILITIES IN WINDOWS SYSTEMS
  • Alert & Advisory
  • October 20, 2025

ngCERT cautions on active exploitation of zero-day vulnerabilities in the Windows Remote Access Connection Manager (RasMan) and Windows Agere Modem Driver services, tracked as CVE-2025-59230 and CVE-2025-24990. Both flaws are elevation of privilege (EoP) vulnerabilities stemming from improper access control, allowing local attackers to escalate to SYSTEM-level privileges. Notably, other vulnerabilities related to privilege escalation have been identified as CVE-2025-49708 and CVE-2025-55315, with CVSS scores of 9.9. Although these vulnerabilities were addressed in Microsoft's October 2025 Patch Tuesday updates, Windows system users are at high risk of compromise and attacks. The ongoing exploitation of these vulnerabilities by attackers underscores the critical need for organizations to deploy security patches without delay.

CRITICAL VULNERABILITY AFFECTING ORACLE E-BUSINESS SUITE
  • Alert & Advisory
  • October 11, 2025

ngCERT has detected a critical and easily exploitable vulnerability affecting the Oracle E-Business Suite (EBS) in Nigeria. This vulnerability, assigned CVE-2025-61882, could be exploited remotely by an unauthenticated attacker with network access via HTTP to achieve remote code execution (RCE), potentially leading to full system takeover. The flaw carries a CVSS 3.1 base score of 9.8 (Critical) and has been actively exploited in the wild by the Cl0p ransomware group; hence, it has been listed in CISA's Known Exploited Vulnerabilities (KEV) Catalogue. There is therefore an urgent need for organisations to update applications and apply patches to safeguard against exploits and possible cyberattacks.

MULTIPLE MEDIUM – LOW VULNERABILITIES IN MICROSOFT WINDOWS COMPONENTS AND DELL FIRMWARE
  • Alert & Advisory
  • October 6, 2025

ngCERT has detected about 78 medium-to-low vulnerabilities primarily impacting Microsoft Windows components like Windows Digital Media and Secure Boot, as well as Dell firmware. These weaknesses include elevation of privilege (EoP), security feature bypasses, and improper access controls, with CVSS v3.1 scores from 4.3 to 8.1 (low to high severity). Most of these require local access, but exploitation could lead to system compromise or data exposure. Although the vulnerabilities have been patched, there is an urgent need for these systems to be updated and the patches applied, in order to safeguard against exploits and possible cyberattacks.

MULTIPLE CRITICAL AND HIGH VULNERABILITIES IN MICROSOFT WINDOWS COMPONENTS
  • Alert & Advisory
  • October 6, 2025

ngCERT has detected over 100 critical and high vulnerabilities, primarily affecting Microsoft Windows components like Office, along with a few third-party issues. Key risks include remote code execution (RCE), elevation of privilege (EoP), and zero-day exploits, with high CVSS scores (up to 9.8). Ten critical flaws and eight zero-days were noted, some actively exploited and listed in the US Cybersecurity and Infrastructure Security Agency's catalog. It is pertinent to note that these vulnerabilities have been patched by Microsoft, hence the urgent need for system updates and the application of available patches.

INCREASED NECURS MALWARE INFECTION
  • Alert & Advisory
  • September 12, 2025

ngCERT has identified malware tagged Necurs, a family of malware with rootkit capabilities that was used to form one of the world’s largest criminal botnets. Necurs has both a user-mode and a kernel-mode component, used to access systems at the root level and dynamically load additional modules. It is distributed via exploit kits as well as through other malware such as the Zeus Trojan, and has been used to deliver the Dridex trojan and Locky malware through spam campaigns. Enforcing a strong password policy, implementing regular password changes, and enabling a personal firewall on workstations could mitigate the effects of Necurs malware.
