China-Linked Hackers Exploit SAP and SQL Server Vulnerabilities

China-linked hackers are exploiting critical security vulnerabilities in SAP NetWeaver and SQL Server to target organizations in Asia and Brazil since 2023. The threat group primarily uses SQL injection vulnerabilities found in web applications to gain access to the SQL servers of the targeted organizations. The attacks have been observed in India, Southeast Asia, and Brazil. Technical details mentioned include the exploitation of security flaws in SAP NetWeaver and the use of SQL injections to compromise SQL servers.