Onapsis Resources

Active exploitation against a zero-day vulnerability in SAP systems in the wild.Evidence of active attacks against this vulnerability has been observed by ReliaQuest, Onapsis Threat Intelligence, and confirmed by multiple IR firms in recent active investigations.SAP published an emergency security patch on April 24, 2025 to address this issue. The vulnerability is of critical severity…

SAP defenders were briefed on an active exploitation campaign targeting a critical CVSS 10.0 vulnerability (CVE-2025-31324). The attack campaign was executed against SAP systems around the world. Thanks to rapid response from SAP, a security patch was released quickly. However, the ongoing impact of this orchestrated attack campaign remains far-reaching and the threat of further…

Onapsis in collaboration with Mandiant invites you to a webinar to discuss the current state of the attack campaign for CVE-2025-31324

CISA recently updated their Known Exploited Vulnerabilities (KEV) catalog with an SAP vulnerability: CVE-2017-12637. When exploited, this vulnerability affecting SAP Netweaver AS Java application servers can enable unauthenticated threat actors to take full control of unprotected SAP systems. While this is a known security vulnerability that was promptly patched by SAP in 2017, Onapsis Research…

Sichere SAP-Lösungen für Logistik und Produktion mit RISE und BTP Ein Webinar im Rahmen der 20. IT-Onlinekonferenz: Produktions- und Logistikprozesse mit SAP – Die führende Konferenz für SAP-gestützte Produktion und Logistik. Die digitale Transformation in Produktion und Logistik, angetrieben durch SAP RISE und die SAP Business Technology Platform (BTP), eröffnet Unternehmen neue Möglichkeiten zur Prozessoptimierung….

In our SAP CVE-2025-31324 webinar learn how to assess exposure, patch critical vulnerabilities, and defend against active zero-day attacks on SAP systems.

Download the SAPinsider Buyers Guide 2025 for RISE with SAP: actionable insights, vendor capability assessments, and expert recommendations to modernize and innovate your cloud ERP journey.

In this episode of the SAPinsider Las Vegas 2025 podcast, host Robert Holland SAPInsider speaks with JP Perez-Etchegoyen, CTO and co-founder of Onapsis, and Gaurav Singh, Senior Cybersecurity Manager at Under Armour, about the growing importance of cybersecurity in SAP landscapes. The conversation centers around their newly released book, Cybersecurity for SAP, the first SAP…

An Interview with Mariano Nunez of Onapsis. In this episode of the SAPinsider Las Vegas 2025 podcast, host Robert Holland SAPInsider speaks with Mariano Nunez, CEO and co-founder of Onapsis, about the evolving cybersecurity landscape for SAP customers. Nunez shares key challenges organizations face in securing SAP applications—especially during cloud migrations like RISE with SAP—highlighting…