SAP has released 15 new security notes on the August 2025 Patch Tuesday, including for critical vulnerabilities.

SAP fixed the issue in late April 2025, but at the time, multiple security firms were already seeing attacks in the wild. ReliaQuest, Onapsis, watchTowr, Mandiant, all reported observing threat actors ...

Earlier this week, SAP patched a separate, also critical, zero-day vulnerability in NetWeaver server. This one, it said, was being chained in attacks targeting some of the world’s biggest ...

In August, SAP issues 15 new security notes on vulnerabilities in its products. Some of them pose a critical risk.

An SAP logo is seen on a building in Frankfurt, Germany, on September 1, 2024. The sotware giant deepened its alliance with AWS to help drive up sales of its cloud-based S/4 HANA ERP solution ...

Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company.

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under CVE ...

SAP Netweaver Visual Composer users are urged to patch a critical vulnerability that attackers are actively exploiting. According to ReliaQuest, which detected the vulnerability, the attacks allow ...

What NetWeaver BPM Is and Is Not With its NetWeaver BPM announcement, SAP has introduced a “generic business process modeling environment,” Sheina says.

But SAP, in fact, has full confidence in NetWeaver and big plans for it, spokeswoman Shabana Khan said via e-mail. NetWeaver is “the foundational technology to our solutions,” she said.

In late April, security researchers reported that more than 1,200 SAP instances were at risk of being hijacked, due to a maximum severity vulnerability found in NetWeaver Visual Composer’s ...