CSOonline

SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability

The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant full access to servers and allow installing additional malware payloads.
Bleeping Computer

Hackers exploit SAP NetWeaver bug to deploy Linux Auto-Color malware

Hackers were spotted exploiting a critical SAP NetWeaver vulnerability tracked as CVE-2025-31324 to deploy the Auto-Color Linux malware in a cyberattack on a U.S.-based chemicals company.
TechRadar

Hackers hit SAP security bug to send out nasty Linux malware

A critical flaw in SAP NetWeaver is still being abused, months after patching Researchers saw it used to deploy Auto-Color This backdoor remains dormant when not in use A vulnerability in SAP ...
heise online

SAP Patchday: Another critical security vulnerability in Netweaver

SAP has published 14 security releases for the June patchday. In these, the company's developers address security vulnerabilities in various products, some of which are critical. IT managers should ...