SAP fixes critical Netweaver flaw exploited in attacks

Published on April 25, 2025

SAP has released out-of-band emergency updates for NetWeaver to fix an actively exploited remote code execution (RCE) vulnerability used to hijack servers. [...]

Continue reading on website
Other news

SAP Confirms Critical NetWeaver Flaw Amid Suspected Zero-Day Exploitation by Hackers

April 25, 2025
Threat actors are likely exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells with the goal of facilitating unauthorized file uploads and code execution. "The exploitation is likely tied to either a previously disclosed vulnerability like CVE-2017-9844 or an unreported remote file inclusion (RFI) issue," ReliaQuest said in a report published this week.The cybersecurity

North Korean Hackers Spread Malware via Fake Crypto Firms and Job Interview Lures

April 25, 2025
North Korea-linked threat actors behind the Contagious Interview have set up front companies as a way to distribute malware during the fake hiring process."In this new campaign, the threat actor group is using three front companies in the cryptocurrency consulting industry—BlockNovas LLC (blocknovas[.] com), Angeloper Agency (angeloper[.]com), and SoftGlide LLC (softglide[.]co)—to spread