CISA has alerted federal government departments about active exploitation of a critical security flaw in Citrix's NetScaler product, named "Citrix Bleed 2." This vulnerability allows hackers to remotely extract sensitive credentials from affected devices, facilitating broader access to internal networks. Evidence suggests that the exploitation has been ongoing since mid-June, with a significant rise in scanning for vulnerable systems noted. CISA has mandated that federal agencies apply patches to vulnerable devices by Friday, while Citrix has recommended urgent updates but has yet to officially confirm the exploitation of the flaw.
CISA has warned that hackers are exploiting a critical security flaw in Citrix products, dubbed "Citrix Bleed 2," which could allow remote credential extraction.
Reports indicate that the vulnerability has been actively used in hacking campaigns since mid-June, demonstrating the urgency for federal agencies to patch affected systems.
Collection
[
|
...
]