Security news aggregator

Latest coverage for Citrix

Explore the latest Citrix security updates, vulnerabilities, and best practices. Stay informed on protecting your Citrix environment with our insights.

33 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Citrix delivers virtualization and remote access platforms that enable users to run applications and desktops hosted on centralized servers. These technologies support remote work by providing virtualized environments accessible from various devices, often serving as gateways to internal corporate networks. Key components include virtual apps, desktops, and networking tools that facilitate secure connections to enterprise resources.

Citrix environments are critical security targets because vulnerabilities can allow attackers to bypass authentication, execute remote code, or escalate privileges, potentially leading to broader network compromise. Security risks increase with misconfigurations or delayed patching of known flaws. Defenders should prioritize timely updates, enforce strong multi-factor authentication, and monitor remote sessions for unusual activity to reduce exposure to exploitation attempts targeting Citrix infrastructure.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 33 Filtered view
Bank Info Security 10 months, 3 weeks ago

Citrix NetScaler Devices Yet Again Under Attack

Citrix Publishes Patches After Attackers Exploit Memory Overflow VulnerabilityNetScaler customers of virtualization giant Citrix once again should patch immediately to stymie the hackers exploiting a zero-day. Citrix warned Tuesday that hackers are using a memory overflow vulnerability now tracked as CVE-2025-7775. The vulnerability carries a CVSS score of 9.2.

Ransomware Group Among Attackers Focused on Exploiting Citrix Netscaler FlawSecurity experts warn that attackers have ramped up their collective attempts to find and exploit Citrix NetScaler devices that remain unpatched. Cloud Security Group patched CVE-2025-5777, a flaw also known as "Citrix Bleed 2," nearly four weeks ago with a software update.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) on Thursday added a critical security flaw impacting Citrix NetScaler ADC and Gateway to its Known Exploited Vulnerabilities (KEV) catalog, officially confirming the vulnerability has been weaponized in the wild

Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens. [...]

NetScaler vendor issued a patch but otherwise, stony silence Multiple exploits are circulating for CVE-2025-5777, a critical bug in Citrix NetScaler ADC and NetScaler Gateway dubbed CitrixBleed 2, and security analysts are warning a "significant portion" of users still haven't patched.…

Loading more headlines...