Dark Reading

SAP NetWeaver Visual Composer Flaw Under Active Exploitation

Attackers are actively exploiting a recently patched zero-day vulnerability in SAP's NetWeaver Visual Composer Web-based software modeling tool. CVE-2025-31324 is a critical vulnerability with a ...
Yahoo

SAP NetWeaver woes worsen as ransomware gangs join the attack

Multiple ransomware operators are trying to take advantage of the recently discovered, maximum severity flaw, affecting SAP NetWeaver Visual Composer. This is according to, among others, ReliaQuest, a ...
The National Law Review

SAP NetWeaver Visual Composer Requires Urgent Patch

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...
Dark Reading

Critical SAP NetWeaver Vuln Faces Barrage of Cyberattacks

Ransomware groups and Chinese advanced persistent threat (APT) groups are targeting a critical vulnerability in SAP NetWeaver weeks after it was disclosed and patched by the vendor through an ...
CSOonline

SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.
CSOonline

Auto-Color RAT targets SAP NetWeaver bug in an advanced cyberattack

Attackers tried chaining the just-patched SAP Netweaver bug with the stealthy Auto-Color Linux RAT for a multi-stage compromise. Threat actors recently tried to exploit a freshly patched max-severity ...