
Intrusions involving CitrixBleed 2 intensify


Thousands of organizations have been subjected to over 11.5 million attempted attacks involving the critical CitrixBleed 2 vulnerability, tracked as CVE-2025-5777, impacting Citrix NetScaler ADC and Gateway systems, according to CyberScoop.

Organizations in the financial services sector were targeted by 40% of the attack attempts, with 60% of those entities based in the U.S., a report from Imperva researchers revealed. Moreover, intrusions exploiting the flaw were observed by GreyNoise to have originated from 22 unique malicious IPs, half of which were discovered on Friday alone. Ongoing abuse of CitrixBleed 2 may even be worse than CitrixBleed, noted Trend Micro Zero Day Initiative Head of Threat Awareness Dustin Childs. "The attack is very repeatable and those systems rarely have network monitoring. They also aren't regularly updated, so patching them may be an issue," Childs added. Such reports come as the Cybersecurity and Infrastructure Security Agency on Friday urged federal agencies to remediate the vulnerability within 24 hours.
