News

The Hacker News1d
New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework
The web shells grant the threat actor the ability to execute arbitrary commands in system context, with the privileges of the ...
The Hacker News3d
DslogdRAT Malware Deployed via Ivanti ICS Zero-Day CVE-2025-0282 in Japan Attacks
Earlier this month, Google-owned Mandiant also revealed that another security flaw in ICS (CVE-2025-22457) has been ...
CSO Online2d
SAP NetWeaver customers urged to deploy patch for critical zero-day vulnerability
The unrestricted file upload flaw is likely being exploited by an initial access broker to deploy JSP web shells that grant ...
WooCommerce admins targeted by fake security patches that hijack sites
A large-scale phishing campaign targets WooCommerce users with a fake security alert urging them to download a "critical ...
SAP fixes suspected NetWeaver zero-day exploited in attacks
SAP has released out-of-band emergency NetWeaver updates to fix a suspected remote code execution (RCE) zero-day flaw ...