BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.

BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual ...

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...

Microsoft has released security updates to fix seven zero-day vulnerabilities, five of which are under active exploitation.

After the CVE’s program’s near-death experience in April, might the Europeans be looking for a more reliable long-term system ...

That means the potential for ransomware deployment and lateral ... issue and the verbiage used by ReliaQuest in its writeup of a mystery vulnerability in SAP NetWeaver, published earlier this week.

SAP has released emergency patches for a critical zero-day vulnerability in NetWeaver. The security flaw allows malicious ... This security fix was released after SAP’s regular April 2025 update, ...

Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the ... and environments in your modern tech stack, and managing them means understanding this ...

Ransomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat ...

SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a ...

SAP released 16 new security notes on its May 2025 Security Patch Day, including for another critical NetWeaver vulnerability.