Netscaler News Articles

‘Advanced’ hacker seen exploiting Cisco, Citrix zero-days

The hackers notably used custom malware and were exploiting CVE-2025-5777 — now known colloquially as “Citrix Bleed Two” — before it was disclosed publicly in July.

1 week ago

ThreatsDay Bulletin: Cisco 0-Days, AI Bug Bounties, Crypto Heists, State-Linked Leaks and 20 More Stories

Global cyber roundup: new AI bug bounties, malware threats, GDPR backlash, Cisco zero-days, data leaks, and rising attacks on key infrastructure.

1 week ago

Amazon Uncovers CVE-2025-20337 & CVE-2025-5777 Exploits

Amazon reports APTs exploiting CVE-2025-20337 and CVE-2025-5777 zero-day flaws in Cisco and Citrix systems.

1 week ago

Is It CitrixBleed4? Well, No. Is It Good? Also, No. (Citrix NetScaler Memory Leak & RXSS CVE-2025-12101)

There’s an elegance to vulnerability research that feels almost poetic - the quiet dance between chaos and control. It’s the art of peeling back the layers of complexity, not to destroy but to understand; to trace the fragile threads that hold systems together and see where they might

2 weeks ago

Amazon: Cisco, Citrix 0-days indicate 'advanced' attacker

An "advanced" attacker exploited CitrixBleed 2 and a max-severity Cisco Identity Services Engine (ISE) bug as zero-days to deploy custom malware, according to Amazon Chief Information Security Officer CJ...

2 weeks ago

Amazon Uncovers Attacks Exploited Cisco ISE and Citrix NetScaler as Zero-Day Flaws

Amazon reports dual zero-day exploits in Cisco ISE and Citrix ADC used to deploy custom malware.

2 weeks ago

Amazon discovers APT exploiting Cisco and Citrix zero-days | Amazon Web Services

The Amazon threat intelligence team has identified an advanced threat actor exploiting previously undisclosed zero-day vulnerabilities in Cisco Identity Service Engine (ISE) and Citrix systems. The campaign used custom malware and demonstrated access to multiple undisclosed vulnerabilities. This dis...

2 weeks ago

NetScaler ADC and Gateway Vulnerable: Urgent Updates to Prevent XSS Attacks

NetScaler has issued a security bulletin for an XSS vulnerability affecting its NetScaler ADC and NetScaler Gateway products. Urgent updates are recommended.

2 weeks ago

Hackers use new HexStrike-AI tool to rapidly exploit n-day flaws

Hackers are increasingly using a new AI-powered offensive security framework called HexStrike-AI in real attacks to exploit newly disclosed n-day flaws.

Over 28,000 Citrix devices vulnerable to new exploited RCE flaw

More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild.

Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks

Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that was actively exploited in attacks as a zero-day vulnerability.

Citrix Under Active Attack Again with Another Zero-Day

The flaw is one of three the company disclosed affecting its NetScaler ADC and NetScaler Gateway technologies.

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Citrix patches CVE-2025-7775 exploited in NetScaler ADC; fixes three flaws with no workarounds.

Pennsylvania attorney general's email, site down after cyberattack

The Office of the Pennsylvania Attorney General has announced that a recent cyberattack has taken down its systems, including landline phone lines and email accounts.

Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug

Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released.

Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors

Dutch NCSC warns of CVE-2025-6543 Citrix attacks on critical organizations, urging urgent patches to prevent further breaches.

Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs

The Netherlands' National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach

CVE-2025-5777 – Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2) - CYFIRMA

Published On : 2025-07-18 EXECUTIVE SUMMARY CVE‑2025‑5777 is a critical information disclosure vulnerability in Citrix NetScaler ADC and Gateway appliances, caused by unsafe memory handling in the...

Updates on Actively Exploited Information Disclosure Vulnerability “Citrix Bleed 2” in Citrix NetScaler ADC and Gateway I Arctic Wolf

In late June 2025, Arctic Wolf issued a security bulletin addressing a critical out-of-bounds read vulnerability in Citrix NetScaler ADC and Gateway that Citrix disclosed, tracked as CVE-2025-5777.

Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks

A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed

Hackers Started Exploiting CitrixBleed 2 Vulnerability Before Public PoC Disclosure

Researchers detected an active exploitation of CVE-2025-5777, dubbed CitrixBleed 2, nearly two weeks before a public proof-of-concept surfaced. 

Hackers Exploited CitrixBleed 2 Vulnerability Before Public PoC Release

This memory overread vulnerability in Citrix NetScaler appliances demonstrates how sophisticated attackers can identify

Hackers Actively Exploited CitrixBleed 2 Flaw Ahead of PoC Disclosure

Researchers have discovered that threat actors began exploiting CitrixBleed 2 vulnerability nearly two weeks before a public proof-of-concept was released.

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-5777(link is external) Citrix NetScaler ADC and Gateway...

CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe

The number of Citrix customers impacted by CVE-2025-5777 remains unknown, but researchers have already observed more than 11.5 million attack attempts, targeting thousands of sites.

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes.

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CISA added Citrix NetScaler's CVE-2025-5777 to its KEV catalog as active exploits emerge worldwide. Immediate patching advised.

Vulnerability Citrix NetScaler | CVE-2025-5777

Security alert on the Citrix NetScaler server and Stormshield protection solutions against the CVE-2025-5777.

H-ISAC TLP White Threat Bulletin PoC Exploits Available for Citrix NetScaler ADC and NetScaler Gateway Flaw CVE-2025-5777 | AHA

Proof-of-Concept (PoC) exploits for a critical vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, affecting Citrix NetScaler ADC and Gateway devices are publicly available.

Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777) - Help Net Security

All organizations, even those that patched CVE-2025-5777 (aka CitrixBleed 2), should check for indicators of compromise.

PoC Exploits Released for CitrixBleed2: 127 Bytes Exfiltrated Per Request

Security researchers have released proof-of-concept exploits for CVE-2025-5777, a critical vulnerability in Citrix NetScaler ADC and Gateway devices dubbed "CitrixBleed2."

CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

CISA adds four critical vulnerabilities to its KEV list, with active exploitation confirmed. Federal agencies must update by July 2025.

Public exploits released for CitrixBleed 2 NetScaler flaw, patch now

Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens.

CitrixBleed 2 exploits on the loose as orgs slow to patch

Multiple exploits are circulating for CVE-2025-5777, a critical bug in Citrix NetScaler ADC and NetScaler Gateway dubbed CitrixBleed 2, and security analysts are warning a "significant portion" of users still...

Citrix NetScaler ADC And NetScaler Gateway Memory Overflow Vulnerability (CVE-2025-6543)

- A vulnerability has been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) - Memory overflow vulnerability leading to unintended control flow and Denial of Service.

CitrixBleed 2 Vulnerability PoC Published - Experts Warn of Mass Exploitation Risk

A newly published proof-of-concept (PoC) for the critical CitrixBleed 2 vulnerability (CVE-2025-5777) has sent shockwaves through the cybersecurity community

CVE-2025-6543: Critical Citrix NetScaler Memory Overflow Vulnerability | iZOOlogic

Discover the details of CVE-2025-6543, a critical Citrix NetScaler memory overflow vulnerability that could allow remote code execution. Learn about affected versions, risks, and mitigation steps.

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its KEV Catalog, based on evidence of active exploitation

CISA Issues Alert on Actively Exploited Citrix NetScaler ADC and Gateway Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert following the addition of a critical Citrix NetScaler vulnerability—CVE-2025-6543

CitrixBleed 2 might be actively exploited (CVE-2025-5777) - Help Net Security

CVE-2025-6543 is being exploited, Netscaler says, but it still doesn't have evidence of exploitation for CVE-2025-5349 or CVE-2025-5777.

Over 1,200 Citrix servers unpatched against critical auth bypass flaw

Over 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances exposed online are unpatched against a critical vulnerability believed to be actively exploited, allowing threat actors to bypass authentication by hijacking user sessions.

CVE-2025-5777: Citrix Bleed 2 Opens Old Wounds

CVE-2025-5777 poses serious threats to Citrix Netscaler devices—discover recommended actions to block exploitation and protect accounts from Citrix Bleed 2.

Critical Citrix Bleed 2 flaw now likely exploited in attacks

A critical NetScaler ADC and Gateway vulnerability dubbed

Citrix Bleed 2 flaw now believed to be exploited in attacks

A critical NetScaler ADC and Gateway vulnerability dubbed

CitrixBleed 2 Vulnerability Exploited

This new CitrixBleed lookalike flaw is being exploited in the wild to gain initial access, according to ReliaQuest

Citrix patches critical zero-day. Cisco fixes two maximum-severity flaws.

US Justice Department charges British hacker for allegedly causing $25 million in damages.

Citrix warns of exploitation of Netscaler devices through new bugs

Citrix is sounding the alarm about vulnerabilities affecting Netscaler products that security researchers say are reminiscent of the widely exploited "Citrix Bleed" bug.

Critical Citrix NetScaler Flaw Exploited as Zero-Day

Citrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day.

Citrix patches critical 0-day amid ‘CitrixBleed 2’ concerns

Two critical vulnerabilities affect common NetScaler ADC and NetScaler Gateway configurations.

Citrix bleeds again: This time a zero-day

Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed "CitrixBleed 2," the embattled networking device vendor today issued an...