TechRadar

Three critical vulnerabilities patched by SAP - here's what we know

SAP’s December update patched 14 flaws, including three critical vulnerabilities in key products CVE‑2025‑42880 (9.9) in SAP Solution Manager allows code injection and full system compromise ...
shine.com

Top 25 SAP Basis Interview Questions & Answers

SAP basis acts as an operating structure or a stage for SAP applications to run. It supports the complete range of SAP applications. 2. Explain private mode? In private mode, the heap data is wholly ...
Bleeping Computer

SAP fixes maximum severity NetWeaver command execution flaw

SAP has addressed 21 new vulnerabilities affecting its products, including three critical severity issues impacting the NetWeaver software solution. SAP NetWeaver is the foundation for SAP's business ...
Infosecurity-magazine.com

Public Exploit Released for Critical SAP NetWeaver Flaw

A critical vulnerability in SAP NetWeaver AS Java Visual Composer, tracked as CVE-2025-31324, is now being widely exploited following the release of public exploit tooling. The flaw, patched in April ...
CSOonline

June Patch Tuesday advice for CSOs: Defense-in-depth needed to stop RCEs

This month’s Patch Tuesday fixes highlight a troubling pattern of remote code execution (RCE) holes being found in Microsoft’s core enterprise products, says an expert. “This trend reinforces the need ...
Dark Reading

Critical SAP NetWeaver Vuln Faces Barrage of Cyberattacks

Ransomware groups and Chinese advanced persistent threat (APT) groups are targeting a critical vulnerability in SAP NetWeaver weeks after it was disclosed and patched by the vendor through an ...
Infosecurity-magazine.com

SAP NetWeaver Flaw Exploited by Ransomware Groups and Chinese-Backed Hackers

Cybersecurity researchers are piling up evidence that a critical vulnerability affecting German software company SAP’s NetWeaver Visual Composer development server is being exploited in the wild by a ...
TechRadar

SAP patches recently exploited zero-day in wake of NetWeaver server attacks

SAP fixed CVE-2025-42999, a 9.1/10 vulnerability in NetWeaver This one was chained with CVE-2025-31324, which was fixed in April Fortune 500 companies are apparently at risk SAP has patched a critical ...
Cyber Wire

Less CISA, more private sector power?

DHS Secretary Kristi Noem justifies budget cuts in her RSAC keynote. The EFF pens an open letter to Trump backing Chris Krebs. Scattered Spider is credited with the Marks & Spencer cyberattack.
Dark Reading

SAP NetWeaver Visual Composer Flaw Under Active Exploitation

Attackers are actively exploiting a recently patched zero-day vulnerability in SAP's NetWeaver Visual Composer Web-based software modeling tool. CVE-2025-31324 is a critical vulnerability with a ...
CSOonline

SAP patches severe vulnerabilities in NetWeaver and Commerce apps

The enterprise software vendor bundled 25 security patches into its March update, addressing flaws that impact middleware, interfaces, custom apps, and more. SAP has patched high-severity ...