Dark Reading

'CitrixBleed 2' Wreaks Havoc as Zero-Day Bug

Organizations that earlier this year rushed to patch the critical "CitrixBleed 2" vulnerability in NetScaler ADC and Gateway systems (CVSS 9.3), and the max-critical bug in Cisco Identity Service ...
techzine

Complex VPNs make companies more vulnerable

The latest InsurSec Rankings from At-Bay reveal a worrying security trend. The 2025 report shows that organizations using VPN solutions from Cisco and Citrix are much more likely to fall victim to ...
theregister

Firewalls and VPNs are so complex now, they can actually make you less secure

Organizations using Cisco and Citrix VPN devices were nearly seven times as likely to suffer a ransomware infection over a 15-month period, according to At-Bay, a provider of cyber insurance and a ...
Infosecurity-magazine.com

Salt Typhoon Uses Citrix Flaw in Global Cyber-Attack

A cyber intrusion linked to the China-based group Salt Typhoon has been identified by cybersecurity researchers, involving the exploitation of a Citrix NetScaler Gateway vulnerability. The operation, ...
TechRadar

Citrix patches a trio of high-severity security bugs, so be on your guard

Citrix fixes three flaws in NetScaler ADC and NetScaler Gateway Among them is a critical-severity one used as a zero-day which allowed for RCE and DoS attacks Citrix has fixed three bugs in its ...
Dark Reading

Citrix Gear Under Active Attack Again With Another Zero-Day

Citrix is once again testing customer patience with three new NetScaler flaws, one of which is a zero-day that attackers are already actively exploiting. The vulnerabilities affect multiple versions ...
thecyberexpress

CISA Adds Citrix Vulnerabilities to KEV Catalog as New Flaws Emerge

The U.S. Cybersecurity and Information Security Agency (CISA) has added two Citrix vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog just as new Citrix vulnerabilities emerge – one ...
The Hacker News

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) ...
CSOonline

Exploit details released for Citrix Bleed 2 flaw affecting NetScaler

Amid confusing reports about Citrix NetScaler exploits in the wild, researchers offer technical analyses and indicators of compromise for one of the vulnerabilities dubbed Citrix Bleed 2 that can lead ...
Bleeping Computer

Citrix shares mitigations for ongoing Netscaler password spray attacks

Citrix Netscaler is the latest target in widespread password spray attacks targeting edge networking devices and cloud platforms this year to breach corporate networks. In March, Cisco reported that ...
CSOonline

Citrix quietly fixes a new critical vulnerability similar to Citrix Bleed

Much similar to Citrix-Bleed, the information disclosure bug was identified within NetScaler devices configured as gateway or virtual servers. A critical vulnerability has been affecting a line of ...