
Urgent: Active Exploitation of CitrixBleed 2 Poses Critical Security Threat
The US Cybersecurity and Infrastructure Security Agency (CISA) has confirmed that the critical security flaw CVE-2025-5777, dubbed CitrixBleed 2, is being actively exploited to hijack user sessions, with attackers targeting NetScaler devices. Despite Citrix's initial reassurance, security researchers have demonstrated that the vulnerability can be used to bypass multi-factor authentication and access sensitive data. Recent telemetry indicates ongoing exploitation and increased scanning activity. The scope of affected victims remains unclear, and Citrix has not provided further comment.