MastodonTech.de

The New Oil<a href="https://mastodon.thenewoil.org/tags/SAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAP</a> fixes maximum severity <a href="https://mastodon.thenewoil.org/tags/NetWeaver" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetWeaver</a> command execution flaw<a href="https://www.bleepingcomputer.com/news/security/sap-fixes-maximum-severity-netweaver-command-execution-flaw/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/sap-fixes-maximum-severity-netweaver-command-execution-flaw/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a>

The New OilHackers exploit <a href="https://mastodon.thenewoil.org/tags/SAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAP</a> <a href="https://mastodon.thenewoil.org/tags/NetWeaver" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetWeaver</a> bug to deploy <a href="https://mastodon.thenewoil.org/tags/Linux" class="mention hashtag" rel="nofollow noopener" target="_blank">#Linux</a> <a href="https://mastodon.thenewoil.org/tags/AutoColor" class="mention hashtag" rel="nofollow noopener" target="_blank">#AutoColor</a> <a href="https://mastodon.thenewoil.org/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a><a href="https://www.bleepingcomputer.com/news/security/hackers-exploit-sap-netweaver-bug-to-deploy-linux-auto-color-malware/" rel="nofollow noopener" translate="no" target="_blank">https://www.bleepingcomputer.com/news/security/hackers-exploit-sap-netweaver-bug-to-deploy-linux-auto-color-malware/</a><a href="https://mastodon.thenewoil.org/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#cybersecurity</a> <a href="https://mastodon.thenewoil.org/tags/FOSS" class="mention hashtag" rel="nofollow noopener" target="_blank">#FOSS</a>

Marcel SIneM(S)USWarnung vor Angriffen auf neue <a href="https://social.tchncs.de/tags/SAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAP</a>-<a href="https://social.tchncs.de/tags/Netweaver" class="mention hashtag" rel="nofollow noopener" target="_blank">#Netweaver</a>-Lücke, <a href="https://social.tchncs.de/tags/Chrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#Chrome</a> und <a href="https://social.tchncs.de/tags/Draytek" class="mention hashtag" rel="nofollow noopener" target="_blank">#Draytek</a>-Router | Security <a href="https://www.heise.de/news/Warnung-vor-Angriffen-auf-neue-SAP-Netweaver-Luecke-Chrome-und-Draytek-Router-10385563.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/Warnung-vor-Angriffen-auf-neue-SAP-Netweaver-Luecke-Chrome-und-Draytek-Router-10385563.html</a> <a href="https://social.tchncs.de/tags/Patchday" class="mention hashtag" rel="nofollow noopener" target="_blank">#Patchday</a> <a href="https://social.tchncs.de/tags/SAPNetweaver" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAPNetweaver</a> <a href="https://social.tchncs.de/tags/Vigor2960" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vigor2960</a> <a href="https://social.tchncs.de/tags/Vigor300B" class="mention hashtag" rel="nofollow noopener" target="_blank">#Vigor300B</a> <a href="https://social.tchncs.de/tags/DraytekVigor2960" class="mention hashtag" rel="nofollow noopener" target="_blank">#DraytekVigor2960</a> <a href="https://social.tchncs.de/tags/DraytekVigor300B" class="mention hashtag" rel="nofollow noopener" target="_blank">#DraytekVigor300B</a> <a href="https://social.tchncs.de/tags/Google" class="mention hashtag" rel="nofollow noopener" target="_blank">#Google</a> :google: <a href="https://social.tchncs.de/tags/GoogleChrome" class="mention hashtag" rel="nofollow noopener" target="_blank">#GoogleChrome</a> <a href="https://social.tchncs.de/tags/ChromeBrowser" class="mention hashtag" rel="nofollow noopener" target="_blank">#ChromeBrowser</a>

Marcel SIneM(S)US<a href="https://social.tchncs.de/tags/SAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAP</a>-<a href="https://social.tchncs.de/tags/Netweaver" class="mention hashtag" rel="nofollow noopener" target="_blank">#Netweaver</a>-Lücke: <a href="https://social.tchncs.de/tags/Ransomware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Ransomware</a>-Gruppen springen auf | Security <a href="https://www.heise.de/news/SAP-Netweaver-Luecke-Ransomware-Gruppen-springen-auf-10384918.html" rel="nofollow noopener" translate="no" target="_blank">https://www.heise.de/news/SAP-Netweaver-Luecke-Ransomware-Gruppen-springen-auf-10384918.html</a> <a href="https://social.tchncs.de/tags/Malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#Malware</a> <a href="https://social.tchncs.de/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberCrime</a> <a href="https://social.tchncs.de/tags/Patchday" class="mention hashtag" rel="nofollow noopener" target="_blank">#Patchday</a>

securityaffairsExperts warn of a second wave of attacks targeting <a href="https://infosec.exchange/tags/SAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAP</a> <a href="https://infosec.exchange/tags/NetWeaver" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetWeaver</a> bug CVE-2025-31324 <a href="https://securityaffairs.com/177522/hacking/experts-warn-of-a-second-wave-of-attacks-targeting-sap-netweaver-bug-cve-2025-31324.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/177522/hacking/experts-warn-of-a-second-wave-of-attacks-targeting-sap-netweaver-bug-cve-2025-31324.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a>

Efani🚨 SAP NetWeaver Zero-Day Under Active Exploitation — Patch ImmediatelySAP has released an out-of-band emergency update to fix a critical zero-day vulnerability (CVE-2025-31324) in NetWeaver Visual Composer — and it’s already being exploited in the wild.The flaw (CVSS 10.0) allows unauthenticated remote attackers to upload malicious files and gain full remote code execution — no login required.Here’s what’s happening: - Threat actors are abusing the `/developmentserver/metadatauploader` endpoint - They're dropping JSP web shells and executing commands directly from browsers - Post-exploitation activity includes tools like Brute Ratel and MSBuild injection for stealth - Even fully patched systems were compromised — confirming this was a true zero-dayBoth ReliaQuest and watchTowr have confirmed active exploitation, with attackers already moving to establish persistence and lateral movement.Who’s affected: - SAP NetWeaver Visual Composer 7.50 environments - Systems exposed to the internet, especially if Visual Composer is enabledWhat you need to do: - Apply the emergency patch from SAP (released after the April 8 update) - If you can’t patch immediately: - Restrict access to the vulnerable endpoint - Disable Visual Composer if unused - Forward logs to SIEM and scan for unauthorized servlet uploadsAlso included in the emergency update: - CVE-2025-27429 — Code injection in SAP S/4HANA - CVE-2025-31330 — Code injection in SAP Landscape TransformationIn a world where zero-days are increasingly exploited within hours of discovery, patching isn’t optional — it’s urgent.<a href="https://infosec.exchange/tags/SAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAP</a> <a href="https://infosec.exchange/tags/NetWeaver" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetWeaver</a> <a href="https://infosec.exchange/tags/CyberSecurity" class="mention hashtag" rel="nofollow noopener" target="_blank">#CyberSecurity</a>

securityaffairs<a href="https://infosec.exchange/tags/SAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAP</a> <a href="https://infosec.exchange/tags/NetWeaver" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetWeaver</a> zero-day allegedly exploited by an initial access broker <a href="https://securityaffairs.com/176983/hacking/sap-netweaver-zero-day-allegedly-exploited-by-an-initial-access-broker.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/176983/hacking/sap-netweaver-zero-day-allegedly-exploited-by-an-initial-access-broker.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener" target="_blank">#malware</a>

securityaffairs<a href="https://infosec.exchange/tags/SAP" class="mention hashtag" rel="nofollow noopener" target="_blank">#SAP</a> fixed critical SSRF flaw in <a href="https://infosec.exchange/tags/NetWeaver" class="mention hashtag" rel="nofollow noopener" target="_blank">#NetWeaver</a>'s Adobe Document Services <a href="https://securityaffairs.com/171839/security/sap-fixed-critical-ssrf-flaw-netweaver.html" rel="nofollow noopener" translate="no" target="_blank">https://securityaffairs.com/171839/security/sap-fixed-critical-ssrf-flaw-netweaver.html</a> <a href="https://infosec.exchange/tags/securityaffairs" class="mention hashtag" rel="nofollow noopener" target="_blank">#securityaffairs</a> <a href="https://infosec.exchange/tags/hacking" class="mention hashtag" rel="nofollow noopener" target="_blank">#hacking</a>

Frühere Suchanfragen

Suchoptionen

Verwaltet von:

Serverstatistik:

#netweaver