Chinese Hacker Group Exploits Critical SAP NetWeaver Vulnerability

A Chinese hacker group named Chaya_004 has exploited a recently disclosed security vulnerability in SAP NetWeaver. According to a report published on Thursday by Forescout Vedere Labs, malicious infrastructure associated with this group was discovered exploiting the vulnerability CVE-2025-31324 (CVSS score: 10.0) since April 29, 2025. CVE-2025-31324 refers to a critical flaw in SAP NetWeaver.