SAP Races to Shield Servers fr...
CIO Bulletin
14 May, 2025
Global tech leader battles zero-day flaws, sparking urgency to protect digital ecosystems.
In a swift response to cunning cyber threats, SAP, a titan in enterprise software, has released critical patches to seal a second zero-day vulnerability, CVE-2025-42999, affecting its NetWeaver servers. Released on May 12, 2025, this fix follows April’s patch for another flaw, CVE-2025-31324; attackers had been exploiting both to infiltrate systems since January. The news, stirring curiosity about digital defenses, underscores the relentless fight against cybercrime.
Cybersecurity firm ReliaQuest first spotted the attacks in April, revealing hackers were sneaking malicious web shells and tools like Brute Ratel into SAP systems via unauthorized file uploads. WatchTowr and Onapsis confirmed the breaches, noting even patched servers fell victim to these zero-day exploits. Forescout’s Vedere Labs linked some attacks to a Chinese threat actor, Chaya_004, while Onyphe’s Patrice Auffret warned that 20 Fortune 500 companies were at risk, with 474 of 1,284 exposed servers already compromised. Shadowserver now tracks over 2,040 vulnerable NetWeaver servers online.
SAP urges admins to apply patches immediately, disable Visual Composer if feasible, and monitor for suspicious activity. The U.S. Cybersecurity and Infrastructure Security Agency has flagged CVE-2025-31324, requiring federal agencies to secure systems by May 20. This saga, blending urgency with resilience, highlights the stakes in safeguarding global enterprises. The news originates from Germany, where SAP is headquartered.