News

Ransomware gangs join ongoing SAP NetWeaver attacks
Ransomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat ...
SAP patches second zero-day flaw exploited in recent attacks
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a ...
SAP NetWeaver woes worsen as ransomware gangs join the attack
BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual ...
SAP patches recently exploited zero-day in wake of NetWeaver server attacks
SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...
SecurityWeek13d
SAP Patches Another Exploited NetWeaver Vulnerability
SAP released 16 new security notes on its May 2025 Security Patch Day, including for another critical NetWeaver vulnerability.
ZDNet21y
SAP’s NetWeaver Part 1: A New Architecture for SAP, But Is It for Customers?
The Bottom Line: Putting the confusing marketing of its parts aside, NetWeaver constitutes SAP’s new services-oriented architecture. Customers should approach and regard NetWeaver in much the ...
The Hacker News12d
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
SAP NetWeaver instances hacked via CVE-2025-31324 + Confirmed China-nexus APT involvement + Critical infrastructure at risk.
CSOonline1mon
SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
Attackers have been exploiting a critical zero-day vulnerability in the Visual Composer component of the SAP NetWeaver application server since early this week. SAP released an out-of-band fix ...