Critical security vulnerability in Citrix Gateway and Netscaler ADC

The manufacturer warns of a memory leak and possibly swapped user sessions in the security appliances. Admins should update.
Bleeping Computer

New 'CitrixBleed 2' NetScaler flaw let hackers hijack sessions

A recent vulnerability in Citrix NetScaler ADC and Gateway is dubbed "CitrixBleed 2," after its similarity to an older exploited flaw that allowed unauthenticated attackers to hijack authentication ...

Xen Project quietly announced five years of support for all releases

As Citrix slips out a preview of Xen Server 9, the release that brings it back to the V12N mainstream The Xen Project has ...
Bleeping Computer

Over 3,000 NetScaler devices left unpatched against CitrixBleed 2 bug

Over 3,300 Citrix NetScaler devices remain unpatched against a critical vulnerability that allows attackers to bypass authentication by hijacking user sessions, nearly two months after patches were ...
Computer Weekly

Citrix Bleed 2 under active attack, reports suggest

A freshly discovered vulnerability in the perennially under-fire Citrix NetScaler Application Delivery Controller (ADC) and NetScaler Gateway appliances, which has been compared to 2023’s Citrix Bleed ...
Ars Technica

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks

A critical vulnerability allowing hackers to bypass multifactor authentication in network management devices made by Citrix has been actively exploited for more than a month, researchers said. The ...
Computer Weekly

Three new Citrix NetScaler zero-days under active exploitation

Citrix has issued patches to fix three newly designated common vulnerabilities and exposures (CVEs) in the widely used NetScaler Application Delivery Controller (ADC) and NetScaler Gateway lines, at ...
SDxCentral

Citrix Releases Security Updates for XenServer and Citrix Hypervisor

Citrix released security updates to address multiple vulnerabilities in XenServer and Citrix Hypervisor. A cyber threat actor could exploit some of these vulnerabilities to cause a denial of service ...
Infosecurity-magazine.com

Researchers Share CitrixBleed 2 Detection Analysis After Initial Hold

Researchers from WatchTowr have published technical details of a detection script which can be used to identify exploitation of the CitrixBleed 2 vulnerability. The flaw, tracked as CVE-2025-5777, is ...
SDxCentral

Citrix Releases Security Updates for Citrix Workspace App for Windows

Citrix released security updates to address multiple vulnerabilities in the Citrix Workspace App for Windows. A cyber threat actor could exploit some of these vulnerabilities to take control of an ...
CIOL

Citrix, Akamai collaborate for web application delivery

BANGALORE, INDIA: Citrix Systems and Akamai Technologies announced an agreement that will make it easier for customers and integration partners to combine each company’s web application delivery ...