⚠️ Cloud Software Group reveals a medium severity XSS flaw (CVE-2025-12101) in Citrix NetScaler ADC & Gateway platforms! Vulnerable versions include 14.1 before 14.1-56.73 & 13.1 before 13.1-60.32. Immediate patching is crucial to prevent session hijacking & credential theft. 🔒🛡️
Details here: https://gbhackers.com/citrix-netscaler-adc-and-gateway-flaw/ #CyberSecurity #XSS #Citrix #NetScaler #VulnerabilityAlert #newz
🚨 'CitrixBleed 2' (CRITICAL, zero-day) hits Citrix NetScaler & Cisco ISE—core identity platforms. No patch yet. Prioritize network segmentation, strict access, and monitoring. More info: https://radar.offseq.com/threat/citrixbleed-2-wreaks-havoc-as-zero-day-bug-d3cc0456 #OffSeq #ZeroDay #IAM #NetScaler #Cisco
Dutch article about the warnings by @GossiTheDog
#citrix #netscaler #tweakers #cybersecurity
https://tweakers.net/nieuws/238610/chinese-groep-plaatste-in-mei-blijvende-backdoors-op-citrix-netscaler-systemen.html
Technical details (english): https://doublepulsar.com/citrix-netscaler-backdoors-part-one-may-2025-activity-against-governments-f48037199c3f
#Citrix #Netscaler hat mal wieder eine kritische #Sicherheitslücke. Liebe Admins: Patchen!!!!
Citrix’s new CVE-2025-7775 flaw is a ticking time bomb—letting attackers run code and crash systems without even needing to log in. Is your network at risk?
https://thedefendopsdiaries.com/understanding-cve-2025-7775-a-critical-citrix-vulnerability/
Nice dashboard for current CVE-2025-7775 RCE vulnerability.
https://dashboard.shadowserver.org/statistics/combined/tree/?date_range=1&source=exchange&source=exchange6&source=http_vulnerable&source=http_vulnerable6&tag=cve-2025-7775%2B&data_set=count&scale=log&auto_update=on
#citrix #netscaler #cybersecurity
There are new security vulnerabilities in #Citrix #NetScaler that are already exploited.
The National Cyber Security Centrum of the Netherlands provided a Bash script with (limited) detection capabilities to find Webshells on NetScaler appliances.
https://github.com/NCSC-NL/citrix-2025/tree/main/live-host-bash-check
« NetScaler ADC et Gateway – failles critiques
Publié le
26.08.2025
NetScaler ADC et NetScaler Gateway (anciennement Citrix ADC et Citrix Gateway) sont des solutions largement utilisées pour gérer le trafic réseau, fournir un accès distant sécurisé et améliorer la performance des applications.
Des failles critiques ont été découvertes et l’une d’entre elles est déjà activement exploitée par des cybercriminels, ce qui rend la mise à jour urgente. »
👇
https://www.vd.ch/actualites/actualite/news/25456-netscaler-adc-et-gateway-failles-critiques
NCSC verwacht snel grootschalige hacks via nieuw Citrix NetScaler-lek
https://tweakers.net/nieuws/238460/ncsc-verwacht-snel-grootschalige-hacks-via-nieuw-citrix-netscaler-lek.html
#citrix #netscaler #cybersecurity
🚨 NetScaler Zero-Day Exploited 🚨
Citrix confirms CVE-2025-7775 (pre-auth RCE/DoS) is being exploited in the wild.
🔹 Exploits deliver webshells → persistent backdoors
🔹 No workarounds, patches only
🔹 Multiple NetScaler zero-days have been hammered this year
Why do you think Citrix appliances are such a repeated attack surface?
Citrix’s NetScaler is vulnerable—a memory overflow bug is letting attackers execute code remotely before you even have a chance to patch. Is your system at risk? Read on to find out what you can do now.
New Citrix #NetScaler 0day pokes its head above the wall. CVE-2025-7775 has been added to VulnCheck KEV (it's free!)
https://www.vulncheck.com/blog/new-citrix-netscaler-zero-day-vulnerability-exploited-in-the-wild
This script might come in handy for people potentially compromised through their NetScaler:
https://github.com/NCSC-NL/citrix-2025/tree/main/live-host-bash-check
Better late than never — we’ve just published the July Vulnerability Report.
👉 https://www.vulnerability-lookup.org/2025/08/23/vulnerability-report-july-2025/
📌 Key highlights:
The most reported vulnerability this month is CVE-2025-53770, a critical flaw in #Microsoft SharePoint Enterprise Server 2016, with more than 400 sightings.
Other high-impact issues include CVE-2025-5777 (#NetScaler ADC) and CVE-2025-25257 (#Fortinet #FortiWeb.
📢 Plus de 3 300 Citrix NetScaler restent non patchés face à une faille critique
📝 Selon BleepingComputer, près de deux mois après la diffusion des correctifs, pl...
📖 cyberveille : https://cyberveille.ch/posts/2025-08-12-plus-de-3-300-citrix-netscaler-restent-non-patches-face-a-une-faille-critique/
🌐 source : https://www.bleepingcomputer.com/news/security/over-3-000-netscaler-devices-left-unpatched-against-actively-exploited-citrixbleed-2-flaw/
#Citrix #NetScaler #Cyberveille
🚨 Over 3,300 Citrix NetScaler devices remain unpatched against the critical #CitrixBleed2 vulnerability (CVE-2025-5777), risking session hijacks & MFA bypass! Attackers can steal session tokens remotely. Patch now to avoid data breaches and network risks! 🔐🛡️ #newz
Details: https://www.bleepingcomputer.com/news/security/over-3-000-netscaler-devices-left-unpatched-against-actively-exploited-citrixbleed-2-flaw/ #Cybersecurity #InfoSec #NetScaler
Dutch #NCSC: #Citrix #NetScaler zero-day breaches critical orgs
https://securityaffairs.com/181070/hacking/dutch-ncsc-citrix-netscaler-zero-day-breaches-critical-orgs.html
#securityaffairs #hacking
Citrix users, your NetScaler devices might be leaving your data wide open. Over 3,300 systems are still unpatched, letting hackers bypass authentication like a "master key." Is your network at risk? Dive into the details and protect your assets now.
https://thedefendopsdiaries.com/understanding-and-mitigating-the-citrixbleed-2-vulnerability/
#citrixbleed2
#netscaler
#cybersecurity
#vulnerability
#patchmanagement
Lezenswaardige update van het NCSC over de Citrix kwetsbaarheid.
"Het NCSC stelt vast dat er meerdere kritieke organisaties binnen Nederland succesvol aangevallen zijn via een kwetsbaarheid met kenmerk CVE-2025-6543 in Citrix NetScaler...."
https://www.ncsc.nl/actueel/nieuws/2025/07/22/casus-citrix-kwetsbaarheid
#citrix #netscaler #ncsc #cybersecurity #zeroday
