BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual ...

We have a pretty tough definition of what a reference customer is. People who are willing to stand up and say we are using NetWeaver, multiple components of NetWeaver, SAP and non-SAP data ...

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...

"Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full Remote Code Execution and total system compromise," stated ...

SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a ...

SAP released 16 new security notes on its May 2025 Security Patch Day, including for another critical NetWeaver vulnerability.

BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.

“Unauthenticated attackers can abuse built-in functionality to upload arbitrary files to an SAP NetWeaver instance, which means full remote code execution and total system compromise ...

Security researchers warn that hackers are actively exploiting a critical unrestricted-file-upload vulnerability in SAP NetWeaver Visual Composer. The vulnerability, tracked as CVE-2025-31324 ...

SAP disclosed a 10/10 flaw in NetWeaver Visual Composer The bug allows threat actors to upload malware Researchers claim up to 1,200 instances are vulnerable More than 1,200 SAP instances are at ...

Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP NetWeaver Visual Composer. This is according to, among others ...