News

SAP patches second zero-day flaw exploited in recent attacks
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a ...
TechRadar2d
SAP patches recently exploited zero-day in wake of NetWeaver server attacks
a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in April Fortune 500 companies are apparently at risk SAP has patched a critical-severity zero-day ...
SAP NetWeaver woes worsen as ransomware gangs join the attack
The bug stems from the fact that the uploader was not protected with proper authorization, allowing unauthenticated actors to ...
SecurityWeek6d
SAP Zero-Day Targeted Since January, Many Sectors Impacted
A recently disclosed SAP NetWeaver zero-day that has been targeted for remote code execution since January 2025.
SecurityWeek20h
Ransomware Groups, Chinese APTs Exploit Recent SAP NetWeaver Flaws
Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities. At least two ransomware groups and multiple Chinese APTs have been observed targeting two ...
Chinese hackers behind attacks targeting SAP NetWeaver servers
Forescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting ...
The Hacker News1d
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.
Infosecurity Magazine1d
Microsoft Fixes Seven Zero-Days in May Patch Tuesday
Microsoft has released security updates to fix seven zero-day vulnerabilities, five of which are under active exploitation.