News

SAP patches second zero-day flaw exploited in recent attacks
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a ...
SAP patches recently exploited zero-day in wake of NetWeaver server attacks
SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...
SecurityWeek9d
Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise
Threat actors are revisiting SAP NetWeaver instances to leverage webshells deployed via a recent zero-day vulnerability.
SecurityWeek6d
SAP Zero-Day Targeted Since January, Many Sectors Impacted
A recently disclosed SAP NetWeaver zero-day that has been targeted for remote code execution since January 2025.
Chinese hackers behind attacks targeting SAP NetWeaver servers
Forescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting ...
The Hacker News1d
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.
CSOonline21d
SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
Attackers have been exploiting a critical zero-day vulnerability in the Visual Composer component of the SAP NetWeaver application server since early this week. SAP released an out-of-band fix ...