The Hacker News

New SAP NetWeaver Bug Lets Attackers Take Over Servers Without Login

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The ...
Ars Technica

SAP warns of high-severity vulnerabilities in multiple products

As hackers exploit a high-severity vulnerability in SAP’s flagship Enterprise Resource Planning software product, the software maker is warning users of more than two dozen newly detected ...
Bleeping Computer

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
SecurityWeek

SAP Patches Critical NetWeaver Vulnerabilities

The critical-severity NetWeaver flaws could be exploited for remote code execution and privilege escalation. SAP on Tuesday announced 21 new and four updated security notes, including four notes that ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
CSOonline

Auto-Color RAT targets SAP NetWeaver bug in an advanced cyberattack

Attackers tried chaining the just-patched SAP Netweaver bug with the stealthy Auto-Color Linux RAT for a multi-stage compromise. Threat actors recently tried to exploit a freshly patched max-severity ...
SiliconANGLE

Researchers uncover weak encryption in SAP user interface for Windows and Java

SAP SE today addressed two newly disclosed vulnerabilities in its SAP Graphical User Interface client applications following their discovery in coordinated research by Pathlock Inc. and Fortinet Inc.
IEEE

THe Design Of Web Dynpro Java Based Warehouse Management System

Abstract: With the continuous development of information technology, warehouse management information system is advancing more and more professionally when an increasing number of enterprises increase ...
Dark Reading

Critical SAP NetWeaver Vuln Faces Barrage of Cyberattacks

Ransomware groups and Chinese advanced persistent threat (APT) groups are targeting a critical vulnerability in SAP NetWeaver weeks after it was disclosed and patched by the vendor through an ...
The National Law Review

SAP NetWeaver Visual Composer Requires Urgent Patch

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...
Dark Reading

SAP NetWeaver Visual Composer Flaw Under Active Exploitation

Attackers are actively exploiting a recently patched zero-day vulnerability in SAP's NetWeaver Visual Composer Web-based software modeling tool. CVE-2025-31324 is a critical vulnerability with a ...