CISA Confirms Hackers are Actively Exploiting Critical 'Citrix Bleed 2' Bug

U.S. cybersecurity agency CISA has confirmed that hackers are actively exploiting a critical-rated security flaw in a widely used Citrix product, leaving federal government departments with just one day to patch their systems.

The bug, dubbed "Citrix Bleed 2" by security researchers due to its similarity to a 2023 security flaw in Citrix NetScaler, can be remotely exploited to extract sensitive credentials from an affected NetScaler device. This allows hackers to gain broader access to a company's wider network, posing a significant risk to the federal government's systems.

CISA said it had evidence that the bug was being actively used in hacking campaigns, adding to the growing concern around widespread exploitation. Some reports suggest that hacks dating back as far as mid-June have been linked to this specific vulnerability.

Akamai reported a "drastic increase" in efforts to scan the internet for affected devices after details of the NetScaler exploit were published earlier this week. This suggests that the bug is being actively targeted by hackers, who are seeking to capitalize on its severity and potential impact.

CISA has ordered federal government agencies to patch any Citrix device affected by the bug by Friday, highlighting the urgent need for action. The agency's alert emphasizes the gravity of the situation, emphasizing that failure to address this vulnerability could result in significant consequences for national security.

However, Citrix has not yet acknowledged that the vulnerability is being exploited. The company's security advisory urges customers to update affected devices as soon as possible, but it remains unclear whether the firm will take further action to address the issue.

"Citrix Bleed 2" is a stark reminder of the ongoing threat landscape and the need for organizations to prioritize their cybersecurity posture. As hackers continue to evolve and exploit new vulnerabilities, it is essential that companies and government agencies remain vigilant and proactive in addressing these risks.