SecurityWeek
5 months agoCitrix, Gov Agencies Issue Fresh Warnings on CitrixBleed Vulnerability
CVE-2023-4966 (CitrixBleed) is a critical vulnerability in Citrix's NetScaler product that leads to information disclosure.
The flaw had been exploited as a zero-day since August and mass exploitation began three weeks ago.
LockBit ransomware gang has started exploiting the vulnerability, targeting organizations across multiple critical infrastructure sectors. [ more ]