A China-linked threat actor named Chaya_004 has been identified exploiting a recently disclosed security vulnerability in SAP NetWeaver, specifically CVE-2025-31324, which has a critical CVSS score of 10.0. Forescout Vedere Labs reported that this malicious activity has been observed since April 29, 2025, indicating a significant security risk associated with the flaw. The report highlights the urgent need for organizations using SAP NetWeaver to address this vulnerability to prevent potential exploitation by the threat actor.
Loading PerspectiveSplit analysis...
