CitrixBleed-ing Again? NetScaler Vulnerability Under Attack
Attackers wasted little time targeting the latest memory disclosure flaw in Citrix's NetScaler products, after researchers published a proof-of-concept exploit (PoC).
Yasna brings together recent headlines from selected sources and makes them easier to sort with tags, filters, and search.
Search across headline titles and summaries.
Weekly headline count for the current query.
Attackers wasted little time targeting the latest memory disclosure flaw in Citrix's NetScaler products, after researchers published a proof-of-concept exploit (PoC).
Attackers are hiding a data-stealing trojan inside fake exploit code aimed at the people who hunt bugs for a living. The malware, called ChocoPoC, travels in Python proof-of-concept (PoC) repositories on GitHub that claim to exploit hot new CVEs
CISA has warned that threat actors have started exploiting the "Copy Fail" Linux security vulnerability in the wild, one day after Theori researchers disclosed it and shared a proof-of-concept (PoC) exploit. [...]
But Hacking Groups of All Stripes Now Have Access to Exploit Code, Researchers WarnMicrosoft said an attack campaign targeting zero-day vulnerabilities in on-premises SharePoint servers appears to have begun by July 7, tied to three Chinese hack groups. With proof-of-concept exploit code now in the wild, security experts said hackers of all stripes have joined the fray.
Researchers have released proof-of-concept (PoC) exploits for a critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed CitrixBleed2, warning that the flaw is easily exploitable and can successfully steal user session tokens. [...]
Trend Micro detailed how attackers are using a fake proof-of-concept for a critical Microsoft vulnerability, designed to steal sensitive data from security researchers
Cybersecurity researchers have released a proof-of-concept (PoC) exploit that strings together a now-patched critical security flaw impacting Mitel MiCollab with an arbitrary file read zero-day, granting an attacker the ability to access files from susceptible instances
'Once again, we've lost a little more faith in the internet,' researcher says Researchers are publicizing a proof of concept (PoC) exploit for what they're calling an unauthenticated remote code execution (RCE) vulnerability in Citrix's Virtual Apps and Desktops.…
Researchers have published a proof-of-concept (PoC) exploit script demonstrating a chained remote code execution (RCE) vulnerability on Progress Telerik Report Servers. [...]
Security researchers have released a proof-of-concept (PoC) exploit for a maximum-severity vulnerability in Fortinet's security information and event management (SIEM) solution, which was patched in February. [...]
Race on to patch as researchers warn of mass exploitation of directory traversal bug Various infosec researchers have released proof-of-concept (PoC) exploits for the maximum-severity vulnerability in Palo Alto Networks' PAN-OS used in GlobalProtect gateways.…
Security researchers have released a proof-of-concept (PoC) exploit for a critical vulnerability in Fortinet's FortiClient Enterprise Management Server (EMS) software, which is now actively exploited in attacks. [...]
Researchers found roughly 45,000 Jenkins instances exposed online that are vulnerable to CVE-2023-23897, a critical remote code execution (RCE) flaw for which multiple public proof-of-concept (PoC) exploits are in circulation. [...]
Multiple proof-of-concept (PoC) exploits for a critical Jenkins vulnerability allowing unauthenticated attackers to read arbitrary files have been made publicly available, with some researchers reporting attackers actively exploiting the flaws in attacks. [...]
Cybersecurity researchers have developed a proof-of-concept (PoC) code that exploits a recently disclosed critical flaw in the Apache OfBiz open-source Enterprise Resource Planning (ERP) system to execute a memory-resident payload
Cybersecurity researchers have demonstrated a new technique that exploits a critical security flaw in Apache ActiveMQ to achieve arbitrary code execution in memory
Over the weekend, security researchers released a proof-of-concept (PoC) exploit for a maximum severity vulnerability in Progress Software's WS_FTP Server file sharing solution. [...]
A supposed exploit for a notable RCE vulnerability in the popular Windows file-archiving utility delivers a big sting for unwitting researchers and cybercriminals.
Cybersecurity researchers and threat actors are targeted by a fake proof of concept (PoC) CVE-2023-35829 exploit that installs a Linux password-stealing malware. [...]
In a sign that cybersecurity researchers continue to be under the radar of malicious actors, a proof-of-concept (PoC) has been discovered on GitHub, concealing a backdoor with a "crafty" persistence method