News

SAP patches recently exploited zero-day in wake of NetWeaver server attacks
SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...
SAP patches second zero-day flaw exploited in recent attacks
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a ...
SecurityWeek9d
Second Wave of Attacks Hitting SAP NetWeaver After Zero-Day Compromise
Threat actors are revisiting SAP NetWeaver instances to leverage webshells deployed via a recent zero-day vulnerability.
Techzine Europe2d
SAP releases patch for second zero-day vulnerability in NetWeaver
SAP has released security updates to address a second vulnerability recently exploited in attacks on SAP NetWeaver servers.
Bleeping Computer21d
SAP fixes suspected NetWeaver zero-day exploited in attacks
SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under CVE ...
CSOonline21d
SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
Attackers have been exploiting a critical zero-day vulnerability in the Visual Composer component of the SAP NetWeaver application server since early this week. SAP released an out-of-band fix ...
SecurityWeek2d
SAP Patches Another Exploited NetWeaver Vulnerability
SAP released 16 new security notes on its May 2025 Security Patch Day, including for another critical NetWeaver vulnerability ...
CSO Online1d
Patch Tuesday for May: Five zero day vulnerabilities CISOs should focus on
CISOs need to pay attention to patching five zero day Windows vulnerabilities and two other holes with available ...
Infosecurity Magazine21h
SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004 ...