
CISA confirms hackers are actively exploiting critical ‘Citrix Bleed 2’ bug

U.S. cybersecurity agency CISA says hackers are actively exploiting a critical-rated security flaw in a widely used Citrix product, and has given other federal government departments just one day to patch their systems.

Security researchers have dubbed the bug “Citrix Bleed 2” for its similarity to a 2023 security flaw in Citrix NetScaler, a networking product that large companies and governments rely on to let their staff remotely access apps and other resources on their internal networks. Much like the earlier bug, Citrix Bleed 2 can be remotely exploited to extract sensitive credentials from an affected NetScaler device, allowing the hackers broader access to a company’s wider network.

In an alert on Thursday, CISA said it had evidence that the bug was being actively used in hacking campaigns, adding to the raft of research and findings pointing to widespread exploitation, with some reporting hacks dating back as far as mid-June. Akamai said it saw a “drastic increase” in efforts to scan the internet for affected devices after details of the NetScaler exploit were published earlier this week.

CISA said the NetScaler bug poses an “important threat” to the federal government’s systems, and ordered federal government agencies to patch any Citrix device affected by the bug by Friday.

For its part, Citrix has not yet acknowledged that the vulnerability is being exploited. The company’s security advisory urges customers to update affected devices as soon as possible.

Citrix representatives didn’t respond to TechCrunch’s request for comment.
