BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual ...

SAP NetWeaver flaw drew hackers, zero days in Ivanti EPMM, DOGE employee’s credentials found in infostealer dumps and Nucor ...

The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004 ...

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...

SAP released 16 new security notes on its May 2025 Security Patch Day, including for another critical NetWeaver vulnerability ...

SAP NetWeaver instances hacked via CVE-2025-31324 + Confirmed China-nexus APT involvement + Critical infrastructure at risk.

Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities. At least two ransomware groups and multiple Chinese APTs have been observed targeting two ...

Forescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting ...

SAP released an out-of-band fix that’s available through its support portal and it should be applied ... to upload arbitrary files to an SAP NetWeaver instance, which means full remote code ...

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under CVE ...

A second wave of cyberattacks is targeting a critical vulnerability in SAP NetWeaver Visual Composer, according to researchers. Following the initial round of threat activity disclosed in April ...