Hashtag
#CVE202531324

Critical SAP NetWeaver flaw exploited to deploy Auto-Color malware in U.S. chemical firm. Stay vigilant and patch promptly. #CyberSecurity #SAPNetWeaver #AutoColorMalware #CVE202531324 Link: thedailytechfeed.com/exploitation...

Auto-Color RAT Exploits SAP NetWeaver Vulnerability in Stealthy Attacks


Auto-Color RAT exploited CVE-2025-31324 in SAP NetWeaver to hit a U.S. chemical firm. Stealthy, evasive, and now a threat to critical infra.

Experts urge urgent patching and monitoring.

📖 Read the full story:
www.technadu.com/auto-color-r...

#AutoColor #LinuxMalware #CVE202531324 #SAPNetWeaver

China-Nexus APTs Exploit SAP NetWeaver RCE (CVE-2025-31324)

~Eclecticiq~
China-nexus APTs exploit SAP NetWeaver RCE (CVE-2025-31324) to breach critical infrastructure & deploy malware.
-
IOCs: 15. 204. 56. 106, 43. 247. 135. 53, 103. 30. 76. 206
-
#CVE202531324 #CriticalInfrastructure #SAP #ThreatIntel


A critical vulnerability in SAP servers is being exploited by a Chinese group to implant backdoors and compromise global manufacturing companies

#apt #Chaya_004 #cina #CVE202531324 #exploitJSP #Forescout #guerracibernetica #SAPNetWeaver #Supershell
www.matricedigitale.it/sicurezza-in...

Over 1,200 SAP Instances Exposed to Critical Vulnerability Exploited in the Wild

Security researchers have issued a warning about a severe vulnerability affecting SAP systems, with over 1,200 instances potentially exposed to remote exploitation. This comes after SAP disclosed a critical flaw in the NetWeaver Visual Composer’s Metadata Uploader earlier this week.

The NetWeaver Visual Composer is a development environment designed for building web-based business applications without coding. It is widely used to develop dashboards, forms, and interactive reports. The Metadata Uploader enables developers to import external metadata into the platform, establishing connections with remote data sources such as databases, web services, and other SAP systems.

SAP has identified the vulnerability as CVE-2025-31324, assigning it the highest severity rating of 10 out of 10. The flaw arises due to a lack of authentication in the Metadata Uploader, allowing attackers to upload malicious files without needing authorization.

Cybersecurity company Keeper, known for its password management and digital vault solutions, highlights the growing need for secure authentication frameworks. The platform utilizes zero-knowledge encryption and provides tools such as two-factor authentication, secure storage, dark web monitoring, and breach alerts.

Upon discovering the issue, SAP first released a workaround, followed by a comprehensive patch in late April. The company is now urging all users to implement the fix immediately.

Multiple cybersecurity firms — including ReliaQuest, watchTowr, and Onapsis — have observed real-world exploitation of the flaw. According to reports, attackers have been using it to deploy web shells on compromised servers. SAP, however, stated to BleepingComputer: "It is not aware of any attacks that impacted customer data or systems."

There is some discrepancy in the actual number of affected systems. While the Shadowserver Foundation identified 427 exposed servers, Onyphe reports as many as 1,284 vulnerable SAP instances, with 474 already compromised.

Over 1,200 SAP Instances Exposed to Critical Vulnerability Exploited in the Wild #Authentication #Breach #CVE202531324

CVE-2025-31324 Detection: SAP NetWeaver Zero-Day Under Active Exploitation Exposes Critical Systems to Remote Code Execution | SOC Prime

Detect CVE-2025-31324 exploitation, max-severity vulnerability in SAP NetWeaver, using a set of Sigma rules in the SOC Prime Platform.

Detect CVE-2025-31324 exploits — a max-severity zero-day in SAP NetWeaver enabling RCE and full system compromise — with a set of Sigma rules in the SOC Prime Platform.

Sigma Rules: tdm.socprime.com/zeptolink/po...
Details: socprime.com/blog/detect-...

#CVE #CVE202531324 #ZeroDay #SigmaRules

SAP zero-day vulnerability under widespread active exploitation

Researchers attribute the attacks to an initial access broker who is exploiting the 10.0 critical vulnerability.

Widespread attacks are exploiting a critical SAP NetWeaver zero-day (CVE-2025-31324), allowing remote code execution and full system compromise. Urgent patching is advised. #CyberSecurity #SAP #ZeroDay #CVE202531324 #Infosec #DataBreach cyberscoop.com/sap-netweave...
