Tag: sap
-
Ransomware gangs join ongoing SAP NetWeaver attacks
by
in SecurityNewsRansomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat actors to gain remote code execution on vulnerable servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ransomware-gangs-join-ongoing-sap-netweaver-attacks/
-
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
by
in SecurityNewsAt least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug.Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and the…
-
Neue EU-Schwachstellen-Datenbank geht an den Start
by
in SecurityNews
Tags: bug, cve, cvss, cybersecurity, cyersecurity, governance, government, infrastructure, mitre, nis-2, risk, sap, software, technology, tool, vulnerabilityDie neue EU-Schwachstellen-Datenbank EUVD soll das CVE-Programm ergänzen.Seit dieser Woche verfügt die Technologiebranche über eine neue Datenbank, um die neuesten Sicherheitslücken in Software zu überprüfen: die European Union Vulnerability Database (EUVD). Das Programm wurde von der Europäischen Agentur für Cybersicherheit (ENISA) zur Umsetzung der EU-Cybersicherheitsrichtlinie NIS2 eingerichtet.Hier stellt sich die Frage: Warum braucht es ein…
-
Chinese Hackers Exploit SAP NetWeaver Zero-Day Vulnerability to Target Critical Infrastructure
by
in SecurityNews
Tags: china, cve, cyber, espionage, exploit, flaw, hacker, infrastructure, remote-code-execution, sap, threat, vulnerability, zero-dayEclecticIQ analysts have uncovered a sophisticated cyber-espionage campaign orchestrated by China-nexus nation-state Advanced Persistent Threats (APTs) targeting critical infrastructure worldwide. In April 2025, these threat actors launched a high-tempo exploitation campaign against SAP NetWeaver Visual Composer, exploiting a zero-day vulnerability identified as CVE-2025-31324. This unauthenticated file upload flaw allows remote code execution (RCE), providing attackers…
-
SAP patches second zero-day flaw exploited in recent attacks
by
in SecurityNewsSAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sap-patches-second-zero-day-flaw-exploited-in-recent-attacks/
-
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
by
in SecurityNews
Tags: apt, breach, china, cve, exploit, flaw, infrastructure, remote-code-execution, sap, vulnerabilityA recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks.”Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE),” EclecticIQ researcher Arda Büyükkaya said in an analysis published today.Targets of the campaign First seen on thehackernews.com Jump to article:…
-
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
by
in SecurityNews
Tags: access, api, apt, attack, authentication, backdoor, backup, breach, business, china, cloud, control, cve, cyber, data, data-breach, detection, dns, encryption, endpoint, espionage, exploit, finance, firewall, fortinet, google, government, group, infection, infrastructure, intelligence, Internet, ivanti, linux, malicious, malware, mandiant, military, network, open-source, programming, rat, remote-code-execution, reverse-engineering, risk, rust, sap, service, strategy, tactics, threat, tool, update, vmware, vpn, vulnerability, windows, zero-dayExecutive Summary EclecticIQ analysts assess with high confidence that, in April 2025, China-nexus nation-state APTs (advanced persistent threat) launched high-temp exploitation campaigns against critical infrastructure networks by targeting SAP NetWeaver Visual Composer. Actors leveraged CVE-2025-31324 [1], an unauthenticated file upload vulnerability that enables remote code execution (RCE). This assessment is based on a publicly…
-
SecurityBridge: Verbesserte SAP-Sicherheit mit Microsoft Sentinel
by
in SecurityNewsDiese Flexibilität stellt sicher, dass Unternehmen die Integration auf ihre spezifischen Bedürfnisse zuschneiden können und sowohl lokale als auch Cloud-basierte SAP-Systeme unterstützen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/securitybridge-verbesserte-sap-sicherheit-mit-microsoft-sentinel/a40772/
-
Compromised SAP NetWeaver instances are ushering in opportunistic threat actors
by
in SecurityNewsA second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. >>[The] attacks [are] staged by follow-on, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/
-
SAP NetWeaver bug exploited since January, allows RCE
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/sap-netweaver-bug-exploited-since-january-allows-rce
-
EY and DXC Expand SAP Migration Support Ahead of 2027 Deadline
by
in SecurityNews
Tags: sapFirst seen on scworld.com Jump to article: www.scworld.com/brief/ey-and-dxc-expand-sap-migration-support-ahead-of-2027-deadline
-
SAP NetWeaver exploitation enters second wave of threat activity
by
in SecurityNewsResearchers are tracking hundreds of cases around the world and warning that the risk is more serious than previously known. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sap-netweaver-exploitation-second-wave/747661/
-
Chinese hackers behind attacks targeting SAP NetWeaver servers
by
in SecurityNewsForescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting SAP NetWeaver instances to a Chinese threat actor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-behind-attacks-targeting-sap-netweaver-servers/
-
Chinese Hackers Exploit SAP RCE Vulnerability to Deploy Supershell Backdoors
by
in SecurityNewsA critical remote code execution (RCE) vulnerability, identified as CVE-2025-31324, in SAP NetWeaver Visual Composer 7.x is being actively exploited by a Chinese threat actor, tracked as Chaya_004. This deserialization flaw allows attackers to upload malicious binaries, including web shells, to unpatched servers, granting full system takeover capabilities. According to research from Forescout, exploitation has…
-
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
by
in SecurityNewsA China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver.Forescout Vedere Labs, in a report published today, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025.CVE-2025-31324 refers to a critical SAP NetWeaver flaw First…
-
Second Wave of Attacks Targets SAP NetWeaver
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/second-wave-of-attacks-targets-sap-netweaver
-
Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324
by
in SecurityNewsThreat actors launch second wave of attacks on SAP NetWeaver, exploiting webshells from a recent zero-day vulnerability. In April, ReliaQuest researchers warned that a zero-day vulnerability, tracked as CVE-2025-31324 (CVSS score of 10/10), in SAP NetWeaver is potentially being exploited. Thousands of internet-facing applications are potentially at risk. The flaw in SAP NetWeaver Visual Composer Metadata Uploader…
-
Schwachstelle in SAP-Netweaver-Visual-Composer ermöglicht Cyberkriminellen die Ausführung von Remotecode
by
in SecurityNewsEine kritische Schwachstelle für den Datei-Upload mit einem CVSS-Score von 10,0 betrifft die Metadaten-Uploader-Komponente des SAP-NetWeaver-Visual-Composer. Als besonders schwerwiegende Sicherheitslücke vereint die Schwachstelle CVE-2025-31324 mehrere sehr große Risikofaktoren: Sie weist den maximalen CVSS-Score auf, benötigt keine Authentifizierung, betrifft ein in vielen großen Unternehmen weit verbreitetes Produkt und wurde bereits aktiv für die Ausführung von Remotecodes…
-
Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference
by
in SecurityNewsHere’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSAC 2025 Conference RSAC 2025 Conference took place at the Moscone Center in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/04/week-in-review-critical-sap-netweaver-flaw-exploited-rsac-2025-conference/
-
IoC Scanner for SAP Zero-Day (CVE-2025-31324) available
by
in SecurityNewsFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/ioc-scanner-sap-zero-day-available
-
Indicators of Compromise Scanner für SAP Zero-Day (CVE-2025-31324)
by
in SecurityNewsFirst seen on datensicherheit.de Jump to article: www.datensicherheit.de/ioc-scanner-sap-zero-day-cve-2025-31324
-
TCS Expands SAP Partnership to Drive Cloud Migration and AI-Powered Transformation
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/tcs-expands-sap-partnership-to-drive-cloud-migration-and-ai-powered-transformation
-
Sicherheitslücke ermöglicht Systemkontrolle – Notfallpatch für kritische Zero-Day-Schwachstelle in SAP NetWeaver
by
in SecurityNewsFirst seen on security-insider.de Jump to article: www.security-insider.de/kritische-sicherheitsluecke-sap-netweaver-notfall-patch-a-0ea1dd66a85bfdbb1f30565bc8b6ef22/
-
U.S. CISA adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog
by
in SecurityNewsU.S. Cybersecurity and Infrastructure Security Agency (CISA) adds SAP NetWeaver flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added SAP NetWeaver flaw, tracked as CVE-2025-31324, to its Known Exploited Vulnerabilities (KEV) catalog. Last week, researchers warned that a zero-day vulnerability, tracked asCVE-2025-31324(CVSS score of 10/10), in SAP NetWeaver is…
-
Over 400 servers found to be exposed to SAP NetWeaver bug
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/news/over-400-servers-found-to-be-exposed-to-sap-netweaver-bug
-
SAP NetWeaver Visual Composer Flaw Under Active Exploitation
CVE-2025-31324 is a maximum severity bug that attackers exploited weeks before SAP released a patch for it. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/sap-netweaver-visual-composer-flaw-active-exploitation
-
Threat Actors Hacking SAP Critical Zero-Day
by
in SecurityNewsUnauthenticated Hackers Exploit CVE-2025-31324 to Upload Webshells. Threat actors are exploiting a zero-day flaw in a partially deprecated SAP tool still widely used by governments and businesses. On Friday, SAP’s security division, Onapsis, disclosed that CVE-2025-31324 is actively exploited in the wild. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/threat-actors-hacking-sap-critical-zero-day-a-28098
-
Over 1,200 SAP NetWeaver servers vulnerable to actively exploited flaw
by
in SecurityNewsOver 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-1-200-sap-netweaver-servers-vulnerable-to-actively-exploited-flaw/
-
Breaking Down CVE-2025-31324 A Clear Threat to SAP Business Operations
by
in SecurityNewsWhen a vulnerability is rated 9.9 out of 10 on the CVSS scale, it deserves immediate attention. CVE-2025-31324 affects SAP NetWeaver AS Java, a platform many businesses rely on every… The post Breaking Down CVE-2025-31324 A Clear Threat to SAP Business Operations appeared first on Strobes Security. First seen on securityboulevard.com Jump to article: https://securityboulevard.com/2025/04/breaking-down-cve-2025-31324-a-clear-threat-to-sap-business-operations/