CISA Orders Feds to Patch Actively Exploited Citrix Flaw by Thursday

CISA orders feds to patch actively exploited Citrix flaw by Thursday

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) ordered government agencies to patch their Citrix NetScaler appliances against an actively exploited vulnerability by Thursday.

Citrix NetScaler products confirmed to be under exploitation

Security researchers at watchTowr warn that multiple flaws are involved in the early stages of a hacking spree that could rival the 2023 CitrixBleed campaign.

Citrix NetScaler Flaw CVE-2026-3055 Moves From Reconnaissance to Active Exploitation, Security Firms Warn

A critical vulnerability in Citrix NetScaler appliances is rapidly escalating from early reconnaissance into active exploitation, according to multiple security researchers tracking activity in the wild. The flaw, tracked as CVE-2026-3055, exposes enterprise systems to sensitive data leakage and is already drawing attention from threat actors probing internet-facing infrastructure.Security researchers at Defused Cyber and watchTowr report that a…

CISA tells federal agencies to patch Citrix NetScaler bug by Thursday

The bug enables threat actors to send requests that disclose sensitive information and carries a severity score of 9.3 out of 10, indicating a critical risk.