Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP ...

Ransomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat ...

BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...

The US IT security authority CISA warns of attacks on a new SAP Netweaver vulnerability as well as on Chrome and Draytek ...

The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004 ...

SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day.

At the end of April, SAP had to close a critical security gap in Netweaver. Ransomware groups are now also attacking the leak ...

Two ransomware groups and several Chinese APTs have been exploiting two recent SAP NetWeaver vulnerabilities. At least two ransomware groups and multiple Chinese APTs have been observed targeting two ...

Executive Summary   EclecticIQ analysts assess with high confidence that, in April 2025, China-nexus nation-state APTs ...

SAP NetWeaver instances hacked via CVE-2025-31324 + Confirmed China-nexus APT involvement + Critical infrastructure at risk.