SAP systems sit at the heart of thousands of enterprises, and they’re under growing threat. 2025 marked a significant shift in the SAP space: More high-severity vulnerabilities are being identified ...

SAP has rolled out security fixes for 13 new security issues, including additional hardening for a maximum-severity bug in SAP NetWeaver AS Java that could result in arbitrary command execution. The ...

As hackers exploit a high-severity vulnerability in SAP’s flagship Enterprise Resource Planning software product, the software maker is warning users of more than two dozen newly detected ...

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...

The critical-severity NetWeaver flaws could be exploited for remote code execution and privilege escalation. SAP on Tuesday announced 21 new and four updated security notes, including four notes that ...

NetWeaver AS Java hole, rated severity 10, allows an unauthenticated attacker to execute arbitrary OS commands, and NTLM bug is rated likely for exploitation, warn security vendors. CISOs with SAP ...

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...

A new backdoor malware campaign targeting Linux systems and exploiting a critical vulnerability in SAP has been uncovered by cybersecurity researchers. The malware, known as Auto-Color, was deployed ...

Ransomware groups and Chinese advanced persistent threat (APT) groups are targeting a critical vulnerability in SAP NetWeaver weeks after it was disclosed and patched by the vendor through an ...

We collaborate with the world's leading lawyers to deliver news tailored for you. Sign Up for any (or all) of our 25+ Newsletters. Some states have laws and ethical rules regarding solicitation and ...

Over 1,200 internet-exposed SAP NetWeaver instances are vulnerable to an actively exploited maximum severity unauthenticated file upload vulnerability that allows attackers to hijack servers. SAP ...

Attackers are actively exploiting a recently patched zero-day vulnerability in SAP's NetWeaver Visual Composer Web-based software modeling tool. CVE-2025-31324 is a critical vulnerability with a ...