Tech »  Topic »  Attackers Now 'Scanning Extensively' for Citrix Bleed 2

Attackers Now 'Scanning Extensively' for Citrix Bleed 2

4 hours ago   bankinfosecurity

Ransomware Group Among Attackers Focused on Exploiting Citrix Netscaler Flaw Mathew J. Schwartz (euroinfosec) • July 14, 2025

Security experts warn that attackers have ramped up their collective attempts to find and exploit Citrix NetScaler devices that remain unpatched. (Image: Shutterstock)

Attackers have ramped up their collective attempts to find exploitable Citrix NetScaler devices that remain unpatched to fix a flaw first publicly detailed last month.

See Also: On Demand | Ransomware in 2025: Evolving Threats, Exploited Vulnerabilities, and a Unified Defense Strategy

The scanning activity appears to be heavily focused on finding a pre-authentication remote memory disclosure vulnerability in Citrix NetScaler ADC and Gateway appliances, tracked as CVE-2025-5777 and assigned a CVSS score of 9.3, which makes it "critical" (see: Attackers Actively Exploit 'Citrix Bleed 2' Vulnerability).

Cloud Security Group released a patch to fix CVE-2025-5777 on June 17.

"Since the disclosure of CVE-2025-5777, we have observed increasing attack activity ...


Copyright of this story solely belongs to bankinfosecurity . To see the full text click HERE