Netscaler News Articles

Over 28,000 Citrix devices vulnerable to new exploited RCE flaw

More than 28,200 Citrix instances are vulnerable to a critical remote code execution vulnerability tracked as CVE-2025-7775 that is already being exploited in the wild.

1 day ago

Citrix fixes critical NetScaler RCE flaw exploited in zero-day attacks

Citrix fixed three NetScaler ADC and NetScaler Gateway flaws today, including a critical remote code execution flaw tracked as CVE-2025-7775 that was actively exploited in attacks as a zero-day vulnerability.

2 days ago

Citrix Under Active Attack Again with Another Zero-Day

The flaw is one of three the company disclosed affecting its NetScaler ADC and NetScaler Gateway technologies.

2 days ago

Citrix Patches Three NetScaler Flaws, Confirms Active Exploitation of CVE-2025-7775

Citrix patches CVE-2025-7775 exploited in NetScaler ADC; fixes three flaws with no workarounds.

2 days ago

Pennsylvania attorney general's email, site down after cyberattack

The Office of the Pennsylvania Attorney General has announced that a recent cyberattack has taken down its systems, including landline phone lines and email accounts.

2 weeks ago

Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug

Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were released.

2 weeks ago

Dutch NCSC Confirms Active Exploitation of Citrix NetScaler CVE-2025-6543 in Critical Sectors

Dutch NCSC warns of CVE-2025-6543 Citrix attacks on critical organizations, urging urgent patches to prevent further breaches.

2 weeks ago

Netherlands: Citrix Netscaler flaw CVE-2025-6543 exploited to breach orgs

The Netherlands' National Cyber Security Centre (NCSC) is warning that a critical Citrix NetScaler vulnerability tracked as CVE-2025-6543 was exploited to breach

2 weeks ago

CVE-2025-5777 – Pre-Auth Memory Leak in Citrix NetScaler (CitrixBleed 2) - CYFIRMA

Published On : 2025-07-18 EXECUTIVE SUMMARY CVE‑2025‑5777 is a critical information disclosure vulnerability in Citrix NetScaler ADC and Gateway appliances, caused by unsafe memory handling in the...

Updates on Actively Exploited Information Disclosure Vulnerability “Citrix Bleed 2” in Citrix NetScaler ADC and Gateway I Arctic Wolf

In late June 2025, Arctic Wolf issued a security bulletin addressing a critical out-of-bounds read vulnerability in Citrix NetScaler ADC and Gateway that Citrix disclosed, tracked as CVE-2025-5777.

Citrix Bleed 2 exploited weeks before PoCs as Citrix denied attacks

A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed

Hackers Started Exploiting CitrixBleed 2 Vulnerability Before Public PoC Disclosure

Researchers detected an active exploitation of CVE-2025-5777, dubbed CitrixBleed 2, nearly two weeks before a public proof-of-concept surfaced. 

Hackers Exploited CitrixBleed 2 Vulnerability Before Public PoC Release

This memory overread vulnerability in Citrix NetScaler appliances demonstrates how sophisticated attackers can identify

Hackers Actively Exploited CitrixBleed 2 Flaw Ahead of PoC Disclosure

Researchers have discovered that threat actors began exploiting CitrixBleed 2 vulnerability nearly two weeks before a public proof-of-concept was released.

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its Known Exploited Vulnerabilities (KEV) Catalog, based on evidence of active exploitation.  CVE-2025-5777(link is external) Citrix NetScaler ADC and Gateway...

CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe

The number of Citrix customers impacted by CVE-2025-5777 remains unknown, but researchers have already observed more than 11.5 million attack attempts, targeting thousands of sites.

CISA tags Citrix Bleed 2 as exploited, gives agencies a day to patch

The U.S. Cybersecurity & Infrastructure Security Agency has confirmed active exploitation of the CitrixBleed 2 vulnerability (CVE-2025-5777) in Citrix NetScaler ADC and Gateway and is giving federal agencies one day to apply fixes.

CISA Adds Citrix NetScaler CVE-2025-5777 to KEV Catalog as Active Exploits Target Enterprises

CISA added Citrix NetScaler's CVE-2025-5777 to its KEV catalog as active exploits emerge worldwide. Immediate patching advised.

Vulnerability Citrix NetScaler | CVE-2025-5777

Security alert on the Citrix NetScaler server and Stormshield protection solutions against the CVE-2025-5777.

H-ISAC TLP White Threat Bulletin PoC Exploits Available for Citrix NetScaler ADC and NetScaler Gateway Flaw CVE-2025-5777 | AHA

Proof-of-Concept (PoC) exploits for a critical vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, affecting Citrix NetScaler ADC and Gateway devices are publicly available.

Check for CitrixBleed 2 exploitation even if you patched quickly! (CVE-2025-5777) - Help Net Security

All organizations, even those that patched CVE-2025-5777 (aka CitrixBleed 2), should check for indicators of compromise.

PoC Exploits Released for CitrixBleed2: 127 Bytes Exfiltrated Per Request

Security researchers have released proof-of-concept exploits for CVE-2025-5777, a critical vulnerability in Citrix NetScaler ADC and Gateway devices dubbed "CitrixBleed2."

CISA Adds Four Critical Vulnerabilities to KEV Catalog Due to Active Exploitation

CISA adds four critical vulnerabilities to its KEV list, with active exploitation confirmed. Federal agencies must update by July 2025.

Public exploits released for CitrixBleed 2 NetScaler flaw, patch now

Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens.

CitrixBleed 2 exploits on the loose as orgs slow to patch

Multiple exploits are circulating for CVE-2025-5777, a critical bug in Citrix NetScaler ADC and NetScaler Gateway dubbed CitrixBleed 2, and security analysts are warning a "significant portion" of users still...

Citrix NetScaler ADC And NetScaler Gateway Memory Overflow Vulnerability (CVE-2025-6543)

- A vulnerability has been discovered in NetScaler ADC (formerly Citrix ADC) and NetScaler Gateway (formerly Citrix Gateway) - Memory overflow vulnerability leading to unintended control flow and Denial of Service.

CitrixBleed 2 Vulnerability PoC Published - Experts Warn of Mass Exploitation Risk

A newly published proof-of-concept (PoC) for the critical CitrixBleed 2 vulnerability (CVE-2025-5777) has sent shockwaves through the cybersecurity community

CVE-2025-6543: Critical Citrix NetScaler Memory Overflow Vulnerability | iZOOlogic

Discover the details of CVE-2025-6543, a critical Citrix NetScaler memory overflow vulnerability that could allow remote code execution. Learn about affected versions, risks, and mitigation steps.

CISA Adds One Known Exploited Vulnerability to Catalog | CISA

CISA has added one new vulnerability to its KEV Catalog, based on evidence of active exploitation

CISA Issues Alert on Actively Exploited Citrix NetScaler ADC and Gateway Vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert following the addition of a critical Citrix NetScaler vulnerability—CVE-2025-6543

CitrixBleed 2 might be actively exploited (CVE-2025-5777) - Help Net Security

CVE-2025-6543 is being exploited, Netscaler says, but it still doesn't have evidence of exploitation for CVE-2025-5349 or CVE-2025-5777.

Over 1,200 Citrix servers unpatched against critical auth bypass flaw

Over 1,200 Citrix NetScaler ADC and NetScaler Gateway appliances exposed online are unpatched against a critical vulnerability believed to be actively exploited, allowing threat actors to bypass authentication by hijacking user sessions.

CVE-2025-5777: Citrix Bleed 2 Opens Old Wounds

CVE-2025-5777 poses serious threats to Citrix Netscaler devices—discover recommended actions to block exploitation and protect accounts from Citrix Bleed 2.

Citrix Bleed 2 flaw now believed to be exploited in attacks

A critical NetScaler ADC and Gateway vulnerability dubbed

Critical Citrix Bleed 2 flaw now likely exploited in attacks

A critical NetScaler ADC and Gateway vulnerability dubbed

CitrixBleed 2 Vulnerability Exploited

This new CitrixBleed lookalike flaw is being exploited in the wild to gain initial access, according to ReliaQuest

Citrix patches critical zero-day. Cisco fixes two maximum-severity flaws.

US Justice Department charges British hacker for allegedly causing $25 million in damages.

Citrix warns of exploitation of Netscaler devices through new bugs

Citrix is sounding the alarm about vulnerabilities affecting Netscaler products that security researchers say are reminiscent of the widely exploited "Citrix Bleed" bug.

Critical Citrix NetScaler Flaw Exploited as Zero-Day

Citrix has released patches for a critical vulnerability in NetScaler ADC and NetScaler Gateway exploited as a zero-day.

Citrix patches critical 0-day amid ‘CitrixBleed 2’ concerns

Two critical vulnerabilities affect common NetScaler ADC and NetScaler Gateway configurations.

Citrix bleeds again: This time a zero-day

Hot on the heels of patching a critical bug in Citrix-owned Netscaler ADC and NetScaler Gateway that one security researcher dubbed "CitrixBleed 2," the embattled networking device vendor today issued an...

Citrix users hit by actively exploited zero-day vulnerability

The vendor disclosed the critical zero-day in NetScaler ADC and NetScaler Gateway nine days after it warned of a pair of defects in the same products.

Citrix warns of NetScaler vulnerability exploited in DoS attacks

Citrix is warning that a vulnerability in NetScaler appliances tracked as CVE-2025-6543 is being actively exploited in the wild, causing devices to enter a denial of service condition.

New 'CitrixBleed 2' NetScaler flaw let hackers hijack sessions

A recent vulnerability in Citrix NetScaler ADC and Gateway is dubbed

Citrix Releases Emergency Patches for Actively Exploited CVE-2025-6543 in NetScaler ADC

Citrix releases urgent patches for CVE-2025-6543 in NetScaler ADC, a critical flaw affecting multiple versions. CVSS score 9.2.

Citrix Bleed 2 Flaw Enables Token Theft; SAP GUI Flaws Risk Sensitive Data Exposure

Two critical flaws in SAP GUI expose sensitive data. Patches now available for Windows and Java versions.

Latest Citrix vulnerability could be every bit as bad as Citrix Ble...

A Citrix NetScaler flaw that was quietly patched earlier in June is gathering widespread attention after experts noted strong similarities to the Citrix Bleed vulnerability that caused chaos in late 2023

Critical vulnerability in Citrix Netscaler raises specter of exploitation wave

Threat researchers warn the flaw could open up a flood of attacks that rival the 2023 CitrixBleed crisis.

Up next on the KEV? All signs point to 'CitrixBleed 2'

Citrix patched a critical vulnerability in its NetScaler ADC and NetScaler Gateway products that is already being compared to the infamous CitrixBleed flaw exploited by ransomware gangs and other cyber scum,...

Critical Citrix NetScaler bug fixed, upgrade ASAP! (CVE-2025-5777) - Help Net Security

Citrix has fixed a critical vulnerability (CVE-2025-5777) in NetScaler ADC and Gateway that's reminiscent of the infamous CitrixBleed flaw.