Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP ...

SAP released 16 new security notes on its May 2025 Security Patch Day, including for another critical NetWeaver vulnerability ...

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in ...

BianLian and RansomExx Exploit SAP CVE-2025-31324 for Full Access, Deploy PipeMagic and Brute Ratel in Multi-Nation Attacks.

Threat actors are revisiting SAP NetWeaver instances to leverage webshells deployed via a recent zero-day vulnerability.

SAP NetWeaver instances hacked via CVE-2025-31324 + Confirmed China-nexus APT involvement + Critical infrastructure at risk.

Executive Summary   EclecticIQ analysts assess with high confidence that, in April 2025, China-nexus nation-state APTs ...

At the end of April, SAP had to close a critical security gap in Netweaver. Ransomware groups are now also attacking the leak ...

Forescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting SAP NetWeaver instances to a Chinese threat actor.

Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP NetWeaver Visual Composer. This is according to, among others ...

The US IT security authority CISA warns of attacks on a new SAP Netweaver vulnerability as well as on Chrome and Draytek ...

Researchers are tracking hundreds of cases around the world and warning that the risk is more serious than previously known.