At the end of April, SAP had to close a critical security gap in Netweaver. Ransomware groups are now also attacking the leak.

BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual Composer Metadata Uploader Researchers claim there are 1,200 vulnerable ...

Use precise geolocation data and actively scan device characteristics for identification. This is done to store and access information on a device and to provide personalised ads and content, ad and ...

A second wave of cyberattacks is targeting a critical vulnerability in SAP NetWeaver Visual Composer, according to researchers. Following the initial round of threat activity disclosed in April ...

Security researchers warn that hackers are actively exploiting a critical unrestricted-file-upload vulnerability in SAP NetWeaver Visual Composer. The vulnerability, tracked as CVE-2025-31324 ...

SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw actively exploited to hijack servers. The vulnerability, tracked under CVE ...

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers.

Attackers have been exploiting a critical zero-day vulnerability in the Visual Composer component of the SAP NetWeaver application server since early this week. SAP released an out-of-band fix ...