CISA Adds Citrix and Git Flaws to KEV Catalogue Amid Active Exploitation
CISA has added three actively exploited vulnerabilities in Citrix and Git to its KEV Catalogue. Federal agencies must…
Citrix
Over 28,000 Citrix instances remain exposed to critical RCE flaw CVE-2025-7775
Over 28,200 Citrix NetScaler ADC/Gateway instances remain exposed to critical RCE flaw CVE-2025-7775, already under active exploitation. Experts at the Shadowserver Foundation warn that more than 28,200 Citrix instances are vulnerable to the vulnerability CVE-2025-7775, which is under active exploitation. CVE-2025-7775 (CVSS score: 9.2) is a memory overflow vulnerability leading to Remote Code Execution and/or Denial-of-Service. […]
U.S. CISA adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog
U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Citrix NetScaler flaw to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Citrix NetScaler flaw, tracked as CVE-2025-7775, to its Known Exploited Vulnerabilities (KEV) catalog. This week, Citrix addressed three security flaws (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) in NetScaler ADC and NetScaler Gateway, including one (CVE-2025-7775) that it […]
Citrix Patches Exploited NetScaler Zero-Day
Zero-day exploited in the wild forces Citrix and CISA to push emergency patch deadlines for federal agencies.
The post Citrix Patches Exploited NetScaler Zero-Day appeared first on SecurityWeek.
Citrix fixed three NetScaler flaws, one of them actively exploited in the wild
Citrix addressed three vulnerabilities in NetScaler ADC and NetScaler Gateway, including one that has been actively exploited in the wild. Citrix addressed three security flaws (CVE-2025-7775, CVE-2025-7776, CVE-2025-8424) in NetScaler ADC and NetScaler Gateway, including one (CVE-2025-7775) that it said has been actively exploited in the wild. “Exploits of CVE-2025-7775 on unmitigated appliances have been observed.” […]
NetScaler ADC/Gateway zero-day exploited by attackers (CVE-2025-7775)
Three new vulnerabilities affecting (Citrix) NetScaler application delivery controller (ADC) and Gateway devices have been made public, one of which (CVE-2025-7775) has been targeted in zero-day attacks. “Exploits of CVE-2025-7775 on unmitigated …
Netscaler vulnerability was exploited as zero-day for nearly two months (CVE-2025-6543)
FortiGuard Labs has reported a dramatic spike in exploitation attempts targeting Citrix Bleed 2, a critical buffer over‑read flaw (CVE‑2025‑5777) affecting Citrix NetScaler ADC (Application Delivery Controller) and Gateway devices. Since July 28, 2025,…
Citrix delivers new tools for quantum-ready, anywhere work
Citrix has released two new offerings to help enterprises provide secure application access for their entire workforce amid an evolving threat landscape. The first is its post-quantum cryptography (PQC) solution for NetScaler which addresses the emergi…
CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable
The CitrixBleed 2 vulnerability in NetScaler may expose organizations to compromise even if patches have been applied.
The post CitrixBleed 2: 100 Organizations Hacked, Thousands of Instances Still Vulnerable appeared first on SecurityWeek.
CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA
CISA considers the recently disclosed CitrixBleed 2 vulnerability an unacceptable risk and has added it to the KEV catalog.
The post CitrixBleed 2 Flaw Poses Unacceptable Risk: CISA appeared first on SecurityWeek.