Attackers are actively exploiting a recently patched zero-day vulnerability in SAP's NetWeaver Visual Composer Web-based software modeling tool. CVE-2025-31324 is a critical vulnerability with a ...

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. A critical vulnerability in SAP NetWeaver ...

Threat actors are exploiting a zero-day flaw in a partially deprecated SAP tool still widely used by governments and businesses. See Also: Going Beyond the Copilot Pilot - A CISO's Perspective The ...

SAP disclosed a 10/10 flaw in NetWeaver Visual Composer The bug allows threat actors to upload malware Researchers claim up to 1,200 instances are vulnerable More than 1,200 SAP instances are at risk ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual Composer Metadata Uploader Researchers claim there are 1,200 vulnerable ...

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.

German software company SAP has finally disclosed and fixed a highly critical vulnerability in the NetWeaver Visual Composer development server after evidence of exploitation in the wild. NetWeaver ...

SAP released 19 patches on Tuesday, including a trio of vulnerabilities marked high severity in its business management software. SAP released 19 patches on Tuesday, fixing a trio of vulnerabilities ...