A recently disclosed critical security flaw impacting SAP NetWeaver is being exploited by multiple China-nexus nation-state actors to target critical infrastructure networks.
« Actors leveraged CVE-2025-31324, an unauthenticated file upload vulnerability that enables remote code execution (RCE), » EclecticIQ researcher Arda Büyükkaya said in an analysis published today.
Targets of the campaign
