News

SAP NetWeaver woes worsen as ransomware gangs join the attack
Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP ...
The Hacker News18h
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.
SAP patches recently exploited zero-day in wake of NetWeaver server attacks
SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...
Infosecurity Magazine1d
SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004 ...
Ransomware gangs join ongoing SAP NetWeaver attacks
Ransomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat ...
Warning of attacks on new SAP Netweaver vulnerability, Chrome and Draytek router
The US IT security authority CISA warns of attacks on a new SAP Netweaver vulnerability as well as on Chrome and Draytek ...
SecurityWeek2d
SAP Patches Another Exploited NetWeaver Vulnerability
SAP released 16 new security notes on its May 2025 Security Patch Day, including for another critical NetWeaver vulnerability ...
The Hacker News2d
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
SAP NetWeaver instances hacked via CVE-2025-31324 + Confirmed China-nexus APT involvement + Critical infrastructure at risk.
SAP patches second zero-day flaw exploited in recent attacks
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a ...
SAP Netweaver gap: Ransomware groups jump on the bandwagon
At the end of April, SAP had to close a critical security gap in Netweaver. Ransomware groups are now also attacking the leak ...