CitrixBleed 2 beckons sweeping alarm as exploits spread across the globe

Authorities and researchers are intensifying warnings active exploitation and pervasive scanning of a critical vulnerability affecting multiple versions of Citrix NetScaler products. There is now widespread agreement among security professionals that the critical vulnerability,CVE-2025-5777, whichCitrix disclosed June 17, is serious and harkens back to a 2023 defect in the same products: “CitrixBleed,” orCVE-2023-4966. Naturally, threat hunters are scrambling to assess and stop the strikingly similar challenges summoned by exploits of the newest CVE. For some Citrix customers, the warnings are too late. Vulnerability scans confirm active exploits occurred within a week of disclosure, and attackers have been swarming, hunting for exposed instances of the impacted devices since exploit details were publicly released earlier this month. “This vulnerability in Citrix NetScaler ADC and Gateway systems, also referred to as CitrixBleed 2, poses a significant, unacceptable risk to the security...