Tag: citrix
-
Citrix NetScaler flaws lead to critical infrastructure breaches
Dutch authorities said hackers penetrated several critical infrastructure providers, in a warning sign for vulnerable organizations elsewhere. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/citrix-netscaler-attacks-netherlands/757434/
-
Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543)
FortiGuard Labs has reported a dramatic spike in exploitation attempts targeting Citrix”¯Bleed”¯2, a critical buffer over”‘read flaw (CVE”‘2025″‘5777) affecting Citrix NetScaler … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/12/citrix-netscaler-exploitation-zero-day-cve-2025-6543/
-
Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug
Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/over-3-000-netscaler-devices-left-unpatched-against-actively-exploited-citrixbleed-2-flaw/
-
Dutch Investigators Blame Hacks on Multiple Threat Actors
NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure. A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure. First…
-
7,000 Citrix NetScaler Devices Still Vulnerable to CVE-2025-5777 and CVE-2025-6543
Tags: citrix, cve, cyber, cybersecurity, exploit, infrastructure, kev, network, risk, update, vulnerabilityA significant number of Citrix NetScaler devices continue to pose serious security risks, with approximately 7,000 systems still vulnerable to two critical exploits that have been added to the Cybersecurity and Infrastructure Security Agency’s (CISA) Known Exploited Vulnerabilities (KEV) catalog. The ongoing exposure highlights persistent challenges in enterprise patch management and cybersecurity hygiene. Widespread Network…
-
APT-Style Attacks Exploit CVE-2025-6543 in Dutch Critical Organizations
The Dutch National Cyber Security Centre (NCSC) has confirmed that a serious vulnerability in Citrix NetScaler systems, identified as CVE-2025-6543, has been exploited in targeted attacks against multiple critical organizations in the Netherlands. The exploitation began months before the vulnerability was publicly disclosed, and investigations indicate that attackers used advanced methods to evade detection. First…
-
Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors
The Dutch National Cyber Security Centre (NCSC-NL) has warned of cyber attacks exploiting a recently disclosed critical security flaw impacting Citrix NetScaler ADC products to breach organizations in the country.The NCSC-NL said it discovered the exploitation of CVE-2025-6543 targeting several critical organizations within the Netherlands, and that investigations are ongoing to determine the First seen…
-
NCSC: Citrix NetScaler Flaw (CVE-2025-6543) is Being Actively Exploited to Breach Organizations
The National Cyber Security Centre (NCSC) in the Netherlands has issued an urgent update on a series of sophisticated cyberattacks exploiting a zero-day vulnerability in Citrix NetScaler systems, identified as CVE-2025-6543. This flaw, affecting Citrix NetScaler Application Delivery Controller (ADC) and Gateway products, has enabled threat actors to compromise multiple critical organizations since at least…
-
NCSC: Citrix NetScaler Flaw (CVE-2025-6543) is Being Actively Exploited to Breach Organizations
The National Cyber Security Centre (NCSC) in the Netherlands has issued an urgent update on a series of sophisticated cyberattacks exploiting a zero-day vulnerability in Citrix NetScaler systems, identified as CVE-2025-6543. This flaw, affecting Citrix NetScaler Application Delivery Controller (ADC) and Gateway products, has enabled threat actors to compromise multiple critical organizations since at least…
-
Dutch Investigators Blame Multiple Threat Actors on Hacks
NCSC-NL Says Hack of Citrix NetScaler Flaw Also Targeted Critical Infrastructure. A preliminary assessment by the Dutch NCSC into a suspected Russian hacking campaign has concluded that more than one group likely carried out the May breach of the country’s law enforcement network. Investigators say hacks of Citrix NetScaler flaw also targeted critical infrastructure. First…
-
Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs
The Netherlands’ National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach “critical organizations” in the country. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/netherlands-citrix-netscaler-flaw-cve-2025-6543-exploited-to-breach-orgs/
-
Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks
A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed “CitrixBleed 2,” was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/citrix-bleed-2-exploited-weeks-before-pocs-as-citrix-denied-attacks/
-
Hackers Actively Exploited CitrixBleed 2 Flaw Ahead of PoC Disclosure
Cybersecurity researchers have discovered that threat actors began exploiting the critical CitrixBleed 2 vulnerability nearly two weeks before a public proof-of-concept was released, highlighting the sophisticated nature of modern attack campaigns. The vulnerability, tracked as CVE-2025-5777, represents a significant security risk for organizations running Citrix NetScaler appliances. Early Exploitation Timeline GreyNoise security researchers observed the…
-
CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe
The number of Citrix customers impacted by CVE-2025-5777 remains unknown, but researchers have already observed more than 11.5 million attack attempts, targeting thousands of sites. First seen on cyberscoop.com Jump to article: cyberscoop.com/citrixbleed2-exploits-spread/
-
Attackers Now ‘Scanning Extensively’ for Citrix Bleed 2
Ransomware Group Among Attackers Focused on Exploiting Citrix Netscaler Flaw. Security experts warn that attackers have ramped up their collective attempts to find and exploit Citrix NetScaler devices that remain unpatched. Cloud Security Group patched CVE-2025-5777, a flaw also known as Citrix Bleed 2, nearly four weeks ago with a software update. First seen on…
-
‘Critical’ Citrix NetScaler Vulnerability Now Seeing Exploitation: CISA
CISA ordered Federal Civilian Executive Branch agencies to implement fixes for a critical-severity vulnerability affecting two Citrix NetScaler products by end of day Friday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/critical-citrix-netscaler-vulnerability-now-seeing-exploitation-cisa
-
CISA warns hackers are actively exploiting critical ‘Citrix Bleed 2’ security flaw
The U.S. cybersecurity agency gave federal agencies just one day to patch a security bug in Citrix Netscaler, which can be exploited to break into corporate and government networks. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/11/cisa-confirms-hackers-are-actively-exploiting-critical-citrix-bleed-2-bug/
-
CISA confirms hackers are actively exploiting critical ‘Citrix Bleed 2’ bug
The U.S. cybersecurity agency gave federal agencies just one day to patch a security bug in Citrix Netscaler, which can be exploited to break into corporate and government networks. First seen on techcrunch.com Jump to article: techcrunch.com/2025/07/11/cisa-confirms-hackers-are-actively-exploiting-critical-citrix-bleed-2-bug/
-
Researchers, CISA confirm active exploitation of critical Citrix Netscaler flaw
Critics have faulted Citrix for not updating its guidance in recent days, even as concerns grow about a resumption of the 2023 CitrixBleed crisis. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/researchers-cisa-exploitation-citrix-netscaler/752819/
-
CISA orders agencies to immediately patch Citrix Bleed 2, saying bug poses ‘unacceptable risk’
The one-day deadline issued by CISA on Thursday appears to be the shortest one ever issued. Federal civilian agencies are typically given three weeks to patch bugs added to the known exploited vulnerability catalog. First seen on therecord.media Jump to article: therecord.media/cisa-orders-agencies-patch-citrix-bleed-2
-
CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch
The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-tags-citrix-bleed-2-as-exploited-gives-agencies-a-day-to-patch/
-
CISA Alerts on Active Exploits Targeting Citrix NetScaler ADC and Gateway Flaw
Tags: cisa, citrix, cve, cyber, cybersecurity, exploit, flaw, infrastructure, network, risk, vulnerabilityThe Cybersecurity and Infrastructure Security Agency (CISA) has issued a critical alert regarding active exploitation of a newly discovered vulnerability in Citrix NetScaler ADC and Gateway systems, with organizations facing an immediate deadline to implement protective measures. The vulnerability, designated CVE-2025-5777, poses significant security risks to enterprise networks worldwide and has been added to CISA’s…
-
U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds U.S. CISA adds Citrix NetScaler ADC and Gateway flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler ADC and Gateway, tracked as CVE-2025-5777, to its Known Exploited Vulnerabilities (KEV) catalog. The CVE-2025-5777 flaw, dubbed ‘CitrixBleed 2’ (CVSS v4.0 Base Score…
-
CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild.The shortcoming in question is CVE-2025-5777 (CVSS score: 9.3), an instance of insufficient input validation that First seen…
-
Now everybody but Citrix agrees that CitrixBleed 2 is under exploit
Add CISA to the list First seen on theregister.com Jump to article: www.theregister.com/2025/07/10/cisa_citrixbleed_kev/
-
Exploit details released for Citrix Bleed 2 flaw affecting NetScaler
Tags: access, advisory, authentication, backdoor, backup, citrix, credentials, cve, data-breach, endpoint, exploit, flaw, leak, mitigation, password, theft, tool, vulnerability, zero-daySimilarities to the original Citrix Bleed: CVE-2025-5777 has been dubbed Citrix Bleed 2 due to its similarities to a zero-day information disclosure vulnerability fixed in October 2023 (CVE-2023-4966) that received the Citrix Bleed moniker because it enabled attackers to leak session tokens from memory, allowing for session takeover with multifactor authentication bypass.Similarly, CVE-2025-5777 can lead…
-
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windowsNetwork security: Allow PKU2U authentication requests to this computer to use online identities“.Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability.The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
-
July Patch Tuesday: 14 critical Microsoft vulnerabilities, one SAP hole rated at 10 in severity
Tags: access, attack, authentication, business, citrix, computer, control, credentials, cve, cvss, data, email, espionage, exploit, grc, microsoft, monitoring, network, ransomware, remote-code-execution, risk, sap, service, threat, update, vulnerability, windowsNetwork security: Allow PKU2U authentication requests to this computer to use online identities“.Tyler Reguly, Fortra’s associate director of security R&D, told CSO that, based on Microsoft’s presentation of the information, disabling this GPO will mitigate this vulnerability.The second priority is a fix for CVE-2025-49704, a SharePoint Remote Code Execution vulnerability, because it presents a critical risk to a…
-
Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777)
With PoC exploits for CVE-2025-5777 (aka CitrixBleed 2) now public and reports of active exploitation of the flaw since mid-June, you should check whether your Citrix … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/08/cve-2025-5777-indicators-of-compromise/
-
PoC Exploits Released for CitrixBleed2: 127 Bytes Exfiltrated Per Request
Security researchers have released proof-of-concept exploits forCVE-2025-5777, a critical vulnerability in Citrix NetScaler ADC and Gateway devices dubbed >>CitrixBleed2.