Get the latest tech news

Critical CitrixBleed 2 vulnerability has been under active exploit for weeks


Exploits allow hackers to bypass 2FA and commandeer vulnerable devices.

The list of Citrix customers hacked in the CitrixBleed exploitation spree included Boeing, Australian shipping company DP World, Commercial Bank of China, and the Allen & Overy law firm. A company representative said that "Citrix is committed to transparency in responsibly sharing information that can help customers identify any anomalies in their NetScaler products as part of their analysis." Dan Goodin is Senior Security Editor at Ars Technica, where he oversees coverage of malware, computer espionage, botnets, hardware hacking, encryption, and passwords.

Get the Android app

Or read this on ArsTechnica

Read more on:

Photo of Weeks

Weeks

Photo of vulnerability

vulnerability

Photo of active exploit

active exploit

Related news:

News photo

I've worn the smaller OnePlus Watch 3 43mm for weeks. Here's why it's better and worse than the original

News photo

Nexus Mods is getting age verification for UK and EU users, weeks after changing owners

News photo

NASA gives Lunar Trailblazer a few more weeks to pick up the phone