A working exploit concatenating two critical SAP Netweaver vulnerabilities (CVE-2025-31324, CVE-2025-42999) that have been previously exploited in the wild has been made public by VX Underground, Onapsis security researchers have warned. The exploit has allegedly been released on a Telegram channel that claimed to represent a collective of three established cybercrime groups: Scattered Spider, ShinyHunters, and LAPSUS$. Historical exploitation of CVE-2025-31324 Earlier this year, a suspected initial access broker group abused CVE-2025-31324 – a missing … More
The post Exploit for critical SAP Netweaver flaws released (CVE-2025-31324, CVE-2025-42999) appeared first on Help Net Security.
This article has been indexed from Help Net Security
Read the original article: