Techly NewsGet the app

Get the latest tech news

Chinese Hackers Exploit SAP NetWeaver RCE Flaw


"A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver," reports The Hacker News: Forescout Vedere Labs, in a report published Thursday, said it uncovered a malicious infrastructure likely associated with the hacking gr...

CVE-2025-31324 refers to a critical SAP NetWeaver flaw that allows attackers to achieve remote code execution (RCE) by uploading web shells through a susceptible "/developmentserver/metadatauploader" endpoint. The vulnerability was first flagged by ReliaQuest late last month when it found the shortcoming being abused in real-world attacks by unknown threat actors to drop web shells and the Brute Ratel C4 post-exploitation framework. "In recent days, multiple threat actors are said to have jumped aboard the exploitation bandwagon to opportunistically target vulnerable systems to deploy web shells and even mine cryptocurrency..."

Get the Android app

Or read this on Slashdot

Read more on:

Photo of Chinese

Chinese

Photo of SAP

SAP

Photo of Chinese hackers

Chinese hackers

Related news:

News photo

The US is reviewing Benchmark’s investment into Chinese AI startup Manus

News photo

Chinese chipmaker readies 128-core, 512-thread CPU with AVX-512 and 16-channel DDR5-5600 support

News photo

Chinese hackers behind attacks targeting SAP NetWeaver servers

« Build iOS Apps on Linux and Windows
New chip for wearables has AI-powered heart attack detection baked in »