New Critical SAP NetWeaver Flaw Exploited to Drop Web Shell, Brute Ratel Framework

Threat actors are exploiting a new vulnerability in SAP NetWeaver to upload JSP web shells, enabling unauthorized file uploads and code execution. The vulnerability, tracked as CVE-2025-31324, allows attackers to upload malicious files without authorization. This follows previous warnings about active exploitation of other high-severity NetWeaver flaws.