Tag: sap
-
News brief: Patch critical SAP, Samsung and chat app flaws now
Check out the latest security news from the Informa TechTarget team. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366623968/News-brief-Patch-critical-SAP-Samsung-and-chat-app-flaws-now
-
SAP Patchday Mai 2025 – Update für kritische NetWeaver-Schwachstelle
First seen on security-insider.de Jump to article: www.security-insider.de/sap-sicherheitsupdates-mai-2025-patchday-a-f29f32ffb3db6ba91d3f3e9042755b5a/
-
U.S. CISA adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA)added Google Chromium, DrayTek routers, and SAP NetWeaver flaws to its Known Exploited Vulnerabilities (KEV) catalog. Below are the descriptions for these flaws: According toBinding Operational…
-
SAP NetWeaver flaw exploited by ransomware groups BianLian, RansomEXX
First seen on scworld.com Jump to article: www.scworld.com/news/sap-netweaver-flaw-exploited-by-ransomware-groups-bianlian-ransomexx
-
Breach Roundup: SAP NetWeaver Flaw Draws Hackers
Tags: breach, conference, credentials, flaw, hacker, ivanti, microsoft, north-korea, russia, sap, zero-dayAlso, DOGE Employee’s Credentials Found in Infostealer Dumps. This week, SAP NetWeaver flaw drew hackers, zero-days in Ivanti EPMM, DOGE employee’s credentials found in infostealer dumps and Nucor halted operations. North Korean hackers targeted South Koreans with fake conference invites, Russian hackers targeted webmail servers and Microsoft fixed 72 flaws. First seen on govinfosecurity.com Jump…
-
SAP cyberattack widens, drawing Salt Typhoon and Volt Typhoon comparisons
Multiple firms are tracking the zero-day attacks on Europe’s top software firm. First seen on cyberscoop.com Jump to article: cyberscoop.com/sap-cyberattack-widens-drawing-salt-typhoon-and-volt-typhoon-comparisons/
-
Critical SAP NetWeaver Vuln Faces Barrage of Cyberattacks
As threat actors continue to hop on the train of exploiting CVE-2025-31324, researchers are recommending that SAP administrators patch as soon as possible so that they don’t fall victim next. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/critical-sap-netweaver-vuln-cyberattacks
-
SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers
The critical vulnerability is being exploited by BianLian, RansomwEXX and a Chinese nation-state actor known as Chaya_004 First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/sap-netweaver-vulnerability/
-
Ransomware gangs join ongoing SAP NetWeaver attacks
Ransomware gangs have joined ongoing SAP NetWeaver attacks, exploiting a maximum-severity vulnerability that allows threat actors to gain remote code execution on vulnerable servers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ransomware-gangs-join-ongoing-sap-netweaver-attacks/
-
BianLian and RansomExx Exploit SAP NetWeaver Flaw to Deploy PipeMagic Trojan
At least two different cybercrime groups BianLian and RansomExx are said to have exploited a recently disclosed security flaw in SAP NetWeaver, indicating that multiple threat actors are taking advantage of the bug.Cybersecurity firm ReliaQuest, in a new update published today, said it uncovered evidence suggesting involvement from the BianLian data extortion crew and the…
-
Neue EU-Schwachstellen-Datenbank geht an den Start
Tags: bug, cve, cvss, cybersecurity, cyersecurity, governance, government, infrastructure, mitre, nis-2, risk, sap, software, technology, tool, vulnerabilityDie neue EU-Schwachstellen-Datenbank EUVD soll das CVE-Programm ergänzen.Seit dieser Woche verfügt die Technologiebranche über eine neue Datenbank, um die neuesten Sicherheitslücken in Software zu überprüfen: die European Union Vulnerability Database (EUVD). Das Programm wurde von der Europäischen Agentur für Cybersicherheit (ENISA) zur Umsetzung der EU-Cybersicherheitsrichtlinie NIS2 eingerichtet.Hier stellt sich die Frage: Warum braucht es ein…
-
Chinese Hackers Exploit SAP NetWeaver Zero-Day Vulnerability to Target Critical Infrastructure
Tags: china, cve, cyber, espionage, exploit, flaw, hacker, infrastructure, remote-code-execution, sap, threat, vulnerability, zero-dayEclecticIQ analysts have uncovered a sophisticated cyber-espionage campaign orchestrated by China-nexus nation-state Advanced Persistent Threats (APTs) targeting critical infrastructure worldwide. In April 2025, these threat actors launched a high-tempo exploitation campaign against SAP NetWeaver Visual Composer, exploiting a zero-day vulnerability identified as CVE-2025-31324. This unauthenticated file upload flaw allows remote code execution (RCE), providing attackers…
-
SAP patches second zero-day flaw exploited in recent attacks
SAP has released patches to address a second vulnerability exploited in recent attacks targeting SAP NetWeaver servers as a zero-day. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/sap-patches-second-zero-day-flaw-exploited-in-recent-attacks/
-
China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide
Tags: apt, breach, china, cve, exploit, flaw, infrastructure, remote-code-execution, sap, vulnerabilityA recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks.”Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE),” EclecticIQ researcher Arda Büyükkaya said in an analysis published today.Targets of the campaign First seen on thehackernews.com Jump to article:…
-
China-Nexus Nation State Actors Exploit SAP NetWeaver (CVE-2025-31324) to Target Critical Infrastructures
Tags: access, api, apt, attack, authentication, backdoor, backup, breach, business, china, cloud, control, cve, cyber, data, data-breach, detection, dns, encryption, endpoint, espionage, exploit, finance, firewall, fortinet, google, government, group, infection, infrastructure, intelligence, Internet, ivanti, linux, malicious, malware, mandiant, military, network, open-source, programming, rat, remote-code-execution, reverse-engineering, risk, rust, sap, service, strategy, tactics, threat, tool, update, vmware, vpn, vulnerability, windows, zero-dayExecutive Summary EclecticIQ analysts assess with high confidence that, in April 2025, China-nexus nation-state APTs (advanced persistent threat) launched high-temp exploitation campaigns against critical infrastructure networks by targeting SAP NetWeaver Visual Composer. Actors leveraged CVE-2025-31324 [1], an unauthenticated file upload vulnerability that enables remote code execution (RCE). This assessment is based on a publicly…
-
SecurityBridge: Verbesserte SAP-Sicherheit mit Microsoft Sentinel
Diese Flexibilität stellt sicher, dass Unternehmen die Integration auf ihre spezifischen Bedürfnisse zuschneiden können und sowohl lokale als auch Cloud-basierte SAP-Systeme unterstützen. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/securitybridge-verbesserte-sap-sicherheit-mit-microsoft-sentinel/a40772/
-
Compromised SAP NetWeaver instances are ushering in opportunistic threat actors
A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. >>[The] attacks [are] staged by follow-on, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/12/compromised-sap-netweaver-instances-attacks-opportunistic-threat-actors/
-
SAP NetWeaver bug exploited since January, allows RCE
First seen on scworld.com Jump to article: www.scworld.com/news/sap-netweaver-bug-exploited-since-january-allows-rce
-
EY and DXC Expand SAP Migration Support Ahead of 2027 Deadline
Tags: sapFirst seen on scworld.com Jump to article: www.scworld.com/brief/ey-and-dxc-expand-sap-migration-support-ahead-of-2027-deadline
-
SAP NetWeaver exploitation enters second wave of threat activity
Researchers are tracking hundreds of cases around the world and warning that the risk is more serious than previously known. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/sap-netweaver-exploitation-second-wave/747661/
-
Chinese hackers behind attacks targeting SAP NetWeaver servers
Forescout Vedere Labs security researchers have linked ongoing attacks targeting a maximum severity vulnerability impacting SAP NetWeaver instances to a Chinese threat actor. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-behind-attacks-targeting-sap-netweaver-servers/
-
Chinese Hackers Exploit SAP RCE Vulnerability to Deploy Supershell Backdoors
A critical remote code execution (RCE) vulnerability, identified as CVE-2025-31324, in SAP NetWeaver Visual Composer 7.x is being actively exploited by a Chinese threat actor, tracked as Chaya_004. This deserialization flaw allows attackers to upload malicious binaries, including web shells, to unpatched servers, granting full system takeover capabilities. According to research from Forescout, exploitation has…
-
Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell
A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver.Forescout Vedere Labs, in a report published today, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025.CVE-2025-31324 refers to a critical SAP NetWeaver flaw First…
-
Second Wave of Attacks Targets SAP NetWeaver
First seen on scworld.com Jump to article: www.scworld.com/brief/second-wave-of-attacks-targets-sap-netweaver
-
Experts warn of a second wave of attacks targeting SAP NetWeaver bug CVE-2025-31324
Threat actors launch second wave of attacks on SAP NetWeaver, exploiting webshells from a recent zero-day vulnerability. In April, ReliaQuest researchers warned that a zero-day vulnerability, tracked as CVE-2025-31324 (CVSS score of 10/10), in SAP NetWeaver is potentially being exploited. Thousands of internet-facing applications are potentially at risk. The flaw in SAP NetWeaver Visual Composer Metadata Uploader…
-
Schwachstelle in SAP-Netweaver-Visual-Composer ermöglicht Cyberkriminellen die Ausführung von Remotecode
Eine kritische Schwachstelle für den Datei-Upload mit einem CVSS-Score von 10,0 betrifft die Metadaten-Uploader-Komponente des SAP-NetWeaver-Visual-Composer. Als besonders schwerwiegende Sicherheitslücke vereint die Schwachstelle CVE-2025-31324 mehrere sehr große Risikofaktoren: Sie weist den maximalen CVSS-Score auf, benötigt keine Authentifizierung, betrifft ein in vielen großen Unternehmen weit verbreitetes Produkt und wurde bereits aktiv für die Ausführung von Remotecodes…
-
Week in review: Critical SAP NetWeaver flaw exploited, RSAC 2025 Conference
Here’s an overview of some of last week’s most interesting news, articles, interviews and videos: RSAC 2025 Conference RSAC 2025 Conference took place at the Moscone Center in … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/04/week-in-review-critical-sap-netweaver-flaw-exploited-rsac-2025-conference/
-
IoC Scanner for SAP Zero-Day (CVE-2025-31324) available
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/ioc-scanner-sap-zero-day-available
-
Indicators of Compromise Scanner für SAP Zero-Day (CVE-2025-31324)
First seen on datensicherheit.de Jump to article: www.datensicherheit.de/ioc-scanner-sap-zero-day-cve-2025-31324