Approximately two weeks prior to the public dissemination of proof-of-concept (PoC) exploits, a significant Citrix NetScaler vulnerability, designated as CVE-2025-5777 and referred to as "CitrixBleed 2," was already undergoing active exploitation. This occurred despite Citrix's declaration that no attack indicators had been observed.
A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed "CitrixBleed 2," was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks.
