Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP ...

SAP released 16 new security notes on its May 2025 Security Patch Day, including for another critical NetWeaver vulnerability ...

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...

BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.

SAP NetWeaver instances hacked via CVE-2025-31324 + Confirmed China-nexus APT involvement + Critical infrastructure at risk.

Executive Summary   EclecticIQ analysts assess with high confidence that, in April 2025, China-nexus nation-state APTs ...

At the end of April, SAP had to close a critical security gap in Netweaver. Ransomware groups are now also attacking the leak ...

Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP NetWeaver Visual Composer. This is according to, among others ...

The US IT security authority CISA warns of attacks on a new SAP Netweaver vulnerability as well as on Chrome and Draytek ...

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in April Fortune 500 companies are apparently at risk SAP has patched a ...

Cybersecurity researchers are piling up evidence that a critical vulnerability affecting German software company SAP’s NetWeaver Visual Composer development server is being exploited in the wild by a ...

Ransomware gangs RansomEXX and BianLian joined ongoing attacks on SAP NetWeaver servers, targeting a critical vulnerability tracked CVE-2025-31324 that enables unauthenticated remote code execution.