China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

Published May 13, 2025

A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks.
“Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE),” EclecticIQ researcher Arda Büyükkaya said in an analysis published today.
Targets of the campaign

China-Linked APTs Exploit SAP CVE-2025-31324 to Breach 581 Critical Systems Worldwide

Popular News

Meta Warns of FreeType Vulnerability (CVE-2025-27363) With Active Exploitation Risk

Amazon is getting rid of the option for Echo devices to process Alexa voice requests locally

Bol, Caudery and Lake sign up for Diamond League in London

Rockies fire hitting coach Hensley Meulens

NASA Awards Project Support Bridge Contract