The Hacker News

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The ...
techjuice.pk

NCERT Issues Red Alert on SAP NetWeaver Vulnerabilities

Pakistan’s National Computer Emergency Response Team (National CERT) has issued a red alert after discovering multiple zero-day vulnerabilities in SAP NetWeaver that could allow unauthenticated remote ...
SecurityWeek

New Exploit Poses Threat to SAP NetWeaver Instances

A new public exploit chains two critical flaws in SAP NetWeaver, exposing unpatched instances to code execution attacks. Dozens of SAP NetWeaver instances are susceptible to compromise after a threat ...
CSOonline

Auto-Color RAT targets SAP NetWeaver bug in an advanced cyberattack

Attackers tried chaining the just-patched SAP Netweaver bug with the stealthy Auto-Color Linux RAT for a multi-stage compromise. Threat actors recently tried to exploit a freshly patched max-severity ...
heise online

SAP Patchday: NetWeaver products are vulnerable to malware attacks

On Patchday in July, SAP developers closed a total of five "critical" security vulnerabilities. In the worst case scenario, malicious code can compromise systems. So far, there are no indications that ...
SecurityWeek

Critical Vulnerability Patched in SAP NetWeaver

Enterprise software maker SAP on Tuesday announced the release of 14 new security patches as part of its June 2025 Security Patch Day, including a note addressing a critical-severity vulnerability in ...
搜狐

SAP NetWeaver面临新一轮攻击,勒索软件团伙趁机而入

近期,SAP NetWeaver的安全形势愈加严峻,多个勒索软件团伙开始针对该平台进行攻击。根据网络安全公司ReliaQuest的报告,BianLian和RansomEXX等已知勒索软件家族正在利用SAP NetWeaver Visual Composer中的一个严重漏洞。 这一漏洞被标记为CVE-2025-31324,SAP在4月底已对此进行了 ...
techzine

Ransomware groups join attacks on SAP NetWeaver

Ransomware groups are now also exploiting ongoing attacks on SAP NetWeaver. They are taking advantage of a critical vulnerability that allows attackers to execute code on vulnerable servers remotely.
TechRadar

SAP NetWeaver woes worsen as ransomware gangs join the attack

BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual Composer Metadata Uploader Researchers claim there are 1,200 vulnerable ...
Infosecurity-magazine.com

SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers

Cybersecurity researchers are piling up evidence that a critical vulnerability affecting German software company SAP’s NetWeaver Visual Composer development server is being exploited in the wild by a ...
搜狐

警惕!SAP NetWeaver新漏洞曝光,企业需立即修复

据香港IDC新天域互联了解,近日,SAP公司发布了针对其NetWeaver服务器的第二个零日漏洞的补丁,进一步加强了企业用户的安全防护。这一新漏洞(CVE-2025-42999)在近期攻击中被利用,SAP对此表示高度重视,并呼吁所有用户尽快更新系统。 此次补丁发布是在发现另 ...