Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

May 9, 2025

A China-linked unnamed threat actor dubbed Chaya_004 has been observed exploiting a recently disclosed security flaw in SAP NetWeaver.
Forescout Vedere Labs, in a report published Thursday, said it uncovered a malicious infrastructure likely associated with the hacking group weaponizing CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025.
CVE-2025-31324 refers to a critical SAP NetWeaver flaw

Source: Read More

Previous ArticleToronto School Board Hit with Extortion Demand After PowerSchool Data Breach

Next Article SonicWall Patches 3 Flaws in SMA 100 Devices Allowing Attackers to Run Code as Root

Highlights

CVE-2025-3990 – TOTOLINK N150RT Buffer Overflow Vulnerability

April 28, 2025

CVE ID : CVE-2025-3990

Published : April 27, 2025, 11:15 p.m. | 3 hours, 26 minutes ago

Description : A vulnerability, which was classified as critical, has been found in TOTOLINK N150RT 3.4.0-B20190525. Affected by this issue is some unknown functionality of the file /boafrm/formVlan. The manipulation of the argument submit-url leads to buffer overflow. The attack may be launched remotely. The exploit has been disclosed to the public and may be used.

Severity: 8.8 | HIGH

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

Sunshine And March Vibes (2025 Wallpapers Edition)

The Case For Minimal WordPress Setups: A Contrarian View On Theme Frameworks

How To Fix Largest Contentful Paint Issues With Subpart Analysis

How To Prevent WordPress SQL Injection Attacks

Your password manager is under attack, and this new threat makes it worse: How to defend yourself

EcoFlow’s new backyard solar energy system starts at $599 – no installation crews or permits needed

Why Sonos’ cheapest smart speaker is one of my favorites – even a year after its release

7 productivity gadgets I can’t live without (and why they make such a big difference)

Tap into Your PHP Potential with Free Projects at PHPGurukul

Tap into Your PHP Potential with Free Projects at PHPGurukul

Preparing for AI? Here’s How PIM Gets Your Data in Shape

A Closer Look at the AI Assistant of Oracle Analytics

kew v3.2.0 improves internet radio support and more

kew v3.2.0 improves internet radio support and more

GNOME Replace Totem Video Player with Showtime

Placemark is a web-based tool for geospatial data

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

Nmap 7.96 Launches with Lightning-Fast DNS and 612 Scripts

CVE-2024-13962 – Avast Cleanup Premium Link Following Local Privilege Escalation Vulnerability

Collection Customization in Laravel Using CollectedBy

What Is Whonix, What It Does, and How to Use It?

Import TestNG results from Jenkins to ALM

10 Must-Read Books on Famous Male Tech Personalities

CVE-2025-3990 – TOTOLINK N150RT Buffer Overflow Vulnerability

Avowed review and Metacritic roundup — Here’s what critics are saying about the new Xbox RPG

buku – bookmark management utility written in Python

UK NCSC to Defend â€œHigh-Riskâ€ Political Candidates from Cyberattacks

Chinese Hackers Exploit SAP RCE Flaw CVE-2025-31324, Deploy Golang-Based SuperShell

Related Posts