CVE-2023-4966, aka “Citrix Bleed”, a critical information disclosure vulnerability affecting Citrix NetScaler ADC/Gateway devices, is being massively exploited by threat actors. According to security researcher Kevin Beaumont’s cybersecurity industry sources, one ransomware group has already distributed a Python script to automate the attack chain to their operators, and other groups have started leveraging a working exploit. CVE-2023-4966 exploited Threat actors have been quick to leverage vulnerabilities in Citrix NetScaler ADC in the past, and this … More
The post Citrix Bleed: Mass exploitation in progress (CVE-2023-4966) appeared first on Help Net Security.