TechCrunch

CISA warns hackers are actively exploiting critical ‘Citrix Bleed 2’ security flaw

U.S. cybersecurity agency CISA says hackers are actively exploiting a critical-rated security flaw in a widely used Citrix product, and has given other federal government departments just one day to ...
Dark Reading

Citrix Patches Critical Vulns in NetScaler ADC and Gateway

Citrix has fixed a critical vulnerability, tracked as CVE-2025-5777, found within NetScaler ADC and NetScaler Gateway. The vulnerability, assigned a critical CVSS score of 9.3, is described as an ...
Bleeping Computer

Citrix Bleed exploit lets hackers hijack NetScaler accounts

A proof-of-concept (PoC) exploit is released for the 'Citrix Bleed' vulnerability, tracked as CVE-2023-4966, that allows attackers to retrieve authentication session cookies from vulnerable Citrix ...
Ars Technica

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

A critical vulnerability allowing hackers to bypass multifactor authentication in network management devices made by Citrix has been actively exploited for more than a month, researchers said. The ...
Dark Reading

Attackers Exploit Citrix Zero-Day Bug to Pwn NetScaler ADC, Gateway

Cyberattackers are actively exploiting a critical remote code execution (RCE) bug in several versions of Citrix's NetScaler ADC and NetScaler Gateway application delivery and remote access ...
Bleeping Computer

Almost 2,000 Citrix NetScaler servers backdoored in hacking campaign

A threat actor has compromised close to 2,000 thousand Citrix NetScaler servers in a massive campaign exploiting the critical-severity remote code execution tracked as CVE-2023-3519. More than 1,200 ...
Computer Weekly

Three new Citrix NetScaler zero-days under active exploitation

Citrix has issued patches to fix three newly designated common vulnerabilities and exposures (CVEs) in the widely used NetScaler Application Delivery Controller (ADC) and NetScaler Gateway lines, at ...
heise online

Citrix Bleed 2: Critical Netscaler security gap exploited for almost a month

The security vulnerability nicknamed “Citrix Bleed 2” has apparently been known to attackers for longer than initially assumed. This was discovered by a provider of attack detection solutions. Using ...
Infosecurity-magazine.com

Citrix Patches Three NetScaler Zero Days as One Sees Active Exploitation

Citrix has released patches for three zero-day vulnerabilities in NetScaler ADC and Gateway, one of which was already being exploited by attackers. The flaws, tracked as CVE-2025-7775, CVE-2025-7776, ...
heise online

Citrix plugs security leaks in Netscaler ADC and Gateway and more

Citrix has released updates to close security vulnerabilities. Citrix Netscaler ADC, Netscaler Gateway and Session Recording are vulnerable to attacks. The US IT security authority CISA assumes that ...
CSOonline

Citrix NetScaler devices face active zero-day exploitations

Citrix has warned its NetScaler ADC and NetScaler Gateway customers against two critical zero-day vulnerabilities that have active exploitations in the wild. Tracked as CVE-2023-6548 and CVE-2023-6549 ...