A China-linked threat actor named Chaya_004 has been identified exploiting a recently disclosed security vulnerability in SAP NetWeaver, specifically CVE-2025-31324, which has a critical CVSS score of 10.0. Forescout Vedere Labs reported that this malicious activity has been observed since April 29, 2025, indicating a significant security risk associated with the flaw. The report highlights the urgent need for organizations using SAP NetWeaver to address this vulnerability to prevent potential exploitation by the threat actor.
