BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual ...

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...

BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.

We have a pretty tough definition of what a reference customer is. People who are willing to stand up and say we are using NetWeaver, multiple components of NetWeaver, SAP and non-SAP data ...

SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a ...

SAP released 16 new security notes on its May 2025 Security Patch Day, including for another critical NetWeaver vulnerability.

"Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated ...

“Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full remote code execution and total system compromise ...

A second wave of cyberattacks is targeting a critical vulnerability in SAP NetWeaver Visual Composer, according to researchers. Following the initial round of threat activity disclosed in April ...

Security researchers warn that hackers are actively exploiting a critical unrestricted-file-upload vulnerability in SAP NetWeaver Visual Composer. The vulnerability, tracked as CVE-2025-31324 ...

Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP NetWeaver Visual Composer. This is according to, among others ...