Onapsis security team demonstrates how to protect against real-world scenarios of hackers leveraging AI models to take advantage of vulnerabilities in SAP systems
Onapsis, the global leader in SAP cybersecurity and compliance, will launch its latest episode, “When AI Attacks SAP: How Mythos-like AI Models Can Hack SAP Applications,” on June 25, as part of its inaugural docuseries, Hacking and Defending SAP Applications. The third episode comes at a critical time as bad actors are more aggressively exploring new ways to use the heft of frontier and open-source AI models to their advantage and gain access to critical business applications, including SAP. By leveraging AI as a force multiplier, even unsophisticated threat actors can now orchestrate sophisticated attacks that bypass generic security controls and compromise critical business data, putting greater pressure on organizations to enhance their visibility, governance and defense measures.
Also Read: CIO Influence Interview with Hugo Dozois-Caouette, CTO and Co-founder at MaintainX
Last year was the most volatile year for SAP security ever, with a staggering 210% increase in active exploitation of SAP vulnerabilities compared to 2024. This was reinforced in Mandiant’s M-Trends Report, which stated that the infamous SAP NetWeaver zero-day vulnerability was the most exploited in the 2025 calendar year. This series, now extended due to popular demand, was created to bring greater understanding to how sophisticated threats are being used to compromise SAP applications and why AI is making it easier to automate attacks against SAP-specific targets.
“AI is democratizing cybercrime and lowering the barrier to entry for threat actors to infiltrate enterprise applications, leading to faster and more sophisticated attacks and more vulnerabilities, creating the perfect storm in the threat landscape,” said Mariano Nunez, CEO and Co-Founder of Onapsis. “Through this series, we are helping the industry understand that in order to accurately protect themselves from AI-based and emerging threats, they need to understand how threat actors are taking advantage of these new exploits and technologies.”
Each episode explores different topics that directly impact the SAP threat landscape:
- The SAP Zero-Day That Changed Everything– Episode one provided an insider’s look at the SAP NetWeaver zero-day attack campaign (CVE-2025-31324), underscoring the critical need for immediate security implementation.
- Clean Core, Dark Shadows– In the second episode, Onapsis outlines two high-stakes threat scenarios, based on real-world incidents, that every SAP customer must prepare for: accidental and malicious code in BTP and ABAP.
- When AI Attacks SAP: How Mythos-like AI Models Can Hack SAP Applications– In the upcoming episode, Onapsis will demonstrate real-world scenarios on how threat actors are able to leverage AI to map out vulnerabilities in SAP applications, generate precise exploits and execute sophisticated attacks to breach the SAP core.
“We created this docuseries to educate and raise awareness of the emerging and evolving cybersecurity risks for defenders who are working with SAP and enterprise applications. Theoretical knowledge is great, but to truly protect an enterprise, security teams need to understand the ‘how’ behind the attacks that are targeting them,” said Juan Pablo Perez-Etchegoyen, Chief Technology Officer at Onapsis. “This first-of-its-kind docuseries features the largest team of offensive SAP threat researchers finding these real-world examples and leading the industry in enterprise application security.”
Catch more CIO Insights: What Does “Job-Ready” Really Mean in IT and Cybersecurity?
[To share your insights with us, please write to psen@itechseries.com ]
