A second wave of attacks against the hundreds of SAP NetWeaver platforms compromised via CVE-2025-31324 is underway. “[The] attacks [are] staged by follow-on, opportunistic threat actors who are leveraging previously established webshells (from the first zero-day attack) on vulnerable systems,” Onapsis warned last week. The second wave of attacks CVE-2025-31324 is a vulnerability in SAP NetWeaver’s Visual Composer tool that allows unauthenticated attackers to: Upload malicious files to the host system by sending carefully crafted … More
The post Compromised SAP NetWeaver instances are ushering in opportunistic threat actors appeared first on Help Net Security.
This article has been indexed from Help Net Security