The Hacker News

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The ...
Bleeping Computer

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
heise online

SAP Patchday: Critical vulnerabilities allow malicious code to be injected

In August, SAP issues 15 new security notes on vulnerabilities in its products. Some of them pose a critical risk. SAP's August Patchday brings 15 new security notes that address, among other things, ...
TechRadar

Hackers hit SAP security bug to send out nasty Linux malware

A critical flaw in SAP NetWeaver is still being abused, months after patching Researchers saw it used to deploy Auto-Color This backdoor remains dormant when not in use A vulnerability in SAP ...
SME

SAP expands in Slovakia despite IT hiring slowdown

Europe’s largest tech firm by market capitalisation – is expanding its Slovak operations, defying a broader slowdown in the country’s IT sector. While many firms are scaling back after years of rapid ...
CSOonline

Auto-Color RAT targets SAP NetWeaver bug in an advanced cyberattack

Attackers tried chaining the just-patched SAP Netweaver bug with the stealthy Auto-Color Linux RAT for a multi-stage compromise. Threat actors recently tried to exploit a freshly patched max-severity ...
heise online

SAP Patchday: NetWeaver products are vulnerable to malware attacks

On Patchday in July, SAP developers closed a total of five "critical" security vulnerabilities. In the worst case scenario, malicious code can compromise systems. So far, there are no indications that ...
Dezeen

Earth to People binds timber furniture with tree sap

New York design studio Earth to People has swapped synthetic glue for tree sap to bind its debut furniture collection, which features monolithic chairs hand-crafted from centuries-old cedar. Earth to ...
CIO

IBM’s massive SAP S/4HANA migration pays off

Big Blue’s ERP journey has brought efficiencies and easier management, along with practical insights into the challenges its customers face in moving to SAP on the cloud. IBM is at SAP’s Sapphire ...
TechRadar

SAP NetWeaver woes worsen as ransomware gangs join the attack

BianLian, RansomEXX, and others, are jumping the NetWeaver bandwagon In late April, SAP fixed a 10/10 bug in NetWeaver Visual Composer Metadata Uploader Researchers claim there are 1,200 vulnerable ...
Yahoo Finance

SAP NetWeaver exploitation enters second wave of threat activity

This story was originally published on Cybersecurity Dive. To receive daily news and insights, subscribe to our free daily Cybersecurity Dive newsletter. A second wave of cyberattacks is targeting a ...