In this episode, we dive into the active exploitation of two critical zero-day vulnerabilities in SAP NetWeaver—CVE-2025-31324 and CVE-2025-42999. Threat actors have been leveraging these flaws since January 2025 to gain unauthenticated access, upload malicious web shells, and ultimately achieve remote code execution by chaining an insecure deserialization bug. With over 2,000 vulnerable SAP NetWeaver servers exposed online—including deployments at more than 20 Fortune 500 and Global 500 companies—the impact is massive.We break down how the attack chain works, the tools being deployed (like Brute Ratel), and what this says about modern supply chain security. We also examine the role of Chinese threat actor Chaya_004 and the response from the U.S. government, including CISA’s mandate for federal agencies to patch by May 20. Plus, we discuss SAP’s mitigation guidance and the broader implications of enterprise software zero-days in an increasingly hostile cyber threat landscape.Tune in to understand why this campaign could be one of the most consequential enterprise breaches of 2025—and what security teams must do now.
No persons identified in this episode.
This episode hasn't been transcribed yet
Help us prioritize this episode for transcription by upvoting it.
Popular episodes get transcribed faster
Other recent transcribed episodes
Transcribed and ready to explore now
3ª PARTE | 17 DIC 2025 | EL PARTIDAZO DE COPE
01 Jan 1970
El Partidazo de COPE
13:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
12:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
10:00H | 21 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
13:00H | 20 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana
12:00H | 20 DIC 2025 | Fin de Semana
01 Jan 1970
Fin de Semana