SAP patches critical NetWeaver and S/4HANA flaws (CVSS 8.1–10.0), preventing code execution, file upload, and data loss.

As hackers exploit a high-severity vulnerability in SAP’s flagship Enterprise Resource Planning software product, the ...

A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. Dozens of SAP NetWeaver instances are susceptible to compromise after a threat ...

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...

Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company.

Attackers tried chaining the just-patched SAP Netweaver bug with the stealthy Auto-Color Linux RAT for a multi-stage compromise. Threat actors recently tried to exploit a freshly patched max-severity ...

Enterprise software maker SAP on Tuesday announced the release of 14 new security patches as part of its June 2025 Security Patch Day, including a note addressing a critical-severity vulnerability in ...

The US IT security authority CISA warns of attacks on a new SAP Netweaver vulnerability as well as on Chrome and Draytek routers. The US Cybersecurity Agency, CISA, is currently warning of observed ...

近期，SAP NetWeaver的安全形势愈加严峻，多个勒索软件团伙开始针对该平台进行攻击。根据网络安全公司ReliaQuest的报告，BianLian和RansomEXX等已知勒索软件家族正在利用SAP NetWeaver Visual Composer中的一个严重漏洞。 这一漏洞被标记为CVE-2025-31324，SAP在4月底已对此进行了 ...

BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual Composer Metadata Uploader Researchers claim there are 1,200 vulnerable ...

Cybersecurity researchers are piling up evidence that a critical vulnerability affecting German software company SAP’s NetWeaver Visual Composer development server is being exploited in the wild by a ...