As artificial intelligence reshapes enterprise software development and operations, cybersecurity leaders are increasingly turning their attention to a more unsettling question: how quickly could AI also transform the way attackers target critical business applications?
This is the focus of the latest episode in the Hacking and Defending SAP Applications docuseries from Onapsis, which will premiere on June 25. Titled When AI Attacks SAP: How Mythos-like AI Models Can Hack SAP Applications, the session explores how frontier and open-source AI models could enable attackers to identify vulnerabilities, generate exploits and execute attacks against SAP environments with unprecedented speed and sophistication.
The announcement comes amid heightened concern across the SAP ecosystem following a surge in attacks against enterprise applications over the past year. Industry reports have pointed to record levels of SAP vulnerability exploitation, including the widespread abuse of the SAP NetWeaver zero-day vulnerability (CVE-2025-31324), which emerged as one of the most significant enterprise software security incidents in recent years.
AI Is Changing the Economics of Enterprise Cyberattacks
Historically, attacking SAP systems required extensive expertise in proprietary architectures, protocols and business processes. Security researchers increasingly argue that AI may dramatically lower this barrier.
According to Onapsis, advanced language models are now capable of interpreting complex SAP architectures, assisting with vulnerability discovery and automating exploit development. The company warns that AI could act as a force multiplier for cybercriminals, enabling a broader range of attackers to target mission-critical enterprise systems that were previously considered difficult to penetrate.
This emerging threat landscape is already shaping conversations across enterprise security teams. In a recent analysis, Onapsis described what it calls an impending “vulnerability surge,” arguing that frontier AI models may accelerate the discovery of security flaws and shorten the time between vulnerability disclosure and active exploitation.
“AI is democratizing cybercrime and lowering the barrier to entry for threat actors to infiltrate enterprise applications, leading to faster and more sophisticated attacks and more vulnerabilities, creating the perfect storm in the threat landscape,” said Mariano Nunez, CEO and Co-Founder of Onapsis.
From Zero-Day Exploits to AI-Powered Threat Scenarios
The upcoming episode is the third installment in Onapsis’ cybersecurity series, which focuses on practical demonstrations of SAP attack techniques and defensive strategies.
The inaugural episode examined the impact of the SAP NetWeaver zero-day campaign and its implications for enterprise security teams. The second episode shifted attention to risks associated with SAP Business Technology Platform (BTP) and ABAP environments, highlighting both accidental and malicious code scenarios.
The newest episode expands the conversation further by examining how AI could reshape offensive cyber operations. According to the company, the session will demonstrate scenarios in which attackers use AI models to map SAP vulnerabilities, craft targeted exploits and move laterally toward core business systems.
Juan Pablo Perez-Etchegoyen, Chief Technology Officer at Onapsis, said the goal of the series is to help defenders understand not only the risks but also the mechanics behind emerging attack techniques.
“Theoretical knowledge is great, but to truly protect an enterprise, security teams need to understand the ‘how’ behind the attacks that are targeting them,” he said.
Why This Matters
The convergence of AI and enterprise cybersecurity is rapidly becoming one of the most important challenges facing SAP customers.
While AI promises to improve productivity, automation and software development, it also has the potential to compress attack timelines and amplify the capabilities of less experienced threat actors. Researchers are increasingly warning that AI-driven adversaries could undermine traditional assumptions about cyber defense and attribution, particularly as autonomous systems become more capable of discovering and exploiting vulnerabilities.
For organizations running SAP as their digital core, the implications extend beyond IT security. Cyber resilience is increasingly tied to business continuity, supply chain stability and operational integrity.
Against this backdrop, initiatives that expose real-world attack methods—and the defensive measures required to counter them—are gaining traction across the SAP ecosystem. Onapsis reports that its Hacking and Defending SAP Applications series has already attracted more than 1,300 registrations from SAP Basis, IT and cybersecurity professionals spanning industries including manufacturing, utilities, pharmaceuticals and industrial chemicals.
The third episode, When AI Attacks SAP: How Mythos-like AI Models Can Hack SAP Applications, will premiere on June 25 and will examine how organizations can prepare for a future in which AI serves not only as a business accelerator, but also as a powerful tool for cyber adversaries.
ERP News Editorial Team
The ERPNews Editorial Team covers global developments in ERP (Enterprise Resource Planning), enterprise software, cloud platforms, AI, automation, and digital transformation, providing independent news and editorial analysis for senior business and technology leaders. Our reporting focuses on market signals, strategic shifts, and enterprise impact across the ERP and enterprise technology ecosystem.
For editorial inquiries, please contact:
📩 [email protected]
