<ul><li>Multiple ransomware operators are targeting a severe vulnerability in SAP NetWeaver Visual Composer, enabling unauthorized actors to upload malicious executables.</li><li>Around 1,200 SAP instances were reported to be at risk from this vulnerability, CVE-2025-31324.</li><li>Ransomware families like BianLian and RansomEXX, along with Chinese state-sponsored actors, have been identified in exploiting the flaw.</li><li>SAP quickly released a patch for the bug but multiple attacks were observed in the wild, emphasizing the critical nature of the security issue.</li></ul>

SAP NetWeaver woes worsen as ransomware gangs join the attack

Discover more