🐞 CVE les plus discutées dans la semaine 28

CitrixBleed 2 Sparks Global Panic as Hackers Target Critical InfrastructureA New Cyber Crisis Unfolds A fresh cybersecurity catastrophe is gripping global networks, as a newly discovered vulnerability in Citrix NetScaler products—dubbed CitrixBleed 2—emerges as a dire threat. Thi…

#InfoSec well the actual winner was of course Fortinet with a corker 9.6 SQLi-to-RCE pivot https://fortiguard.fortinet.com/psirt/FG-IR-25-151 but Citrix came in late with a top notch 9.3 bleeding memory attack https://www.netscaler.com/blog/news/netscaler-critical-security-update…

New CitrixBleed 2 scan data: https://raw.githubusercontent.com/GossiTheDog/scanning/refs/heads/main/CVE-2025-5777-CitrixBleed2-ElectricBoogaloo-patching.txt+7000 extra hosts added this round, host list is so large you need to use the raw view to see it.Next set of data publicatio…

@GossiTheDog 🧐 are you referring to CVE-2025-5777 or did I miss yet another? We hadn’t planned on it but what are you thinking?

GreyNoise observed exploitation of CitrixBleed 2 (CVE-2025-5777) nearly two weeks before a public PoC was released. Full breakdown: https://www.greynoise.io/blog/exploitation-citrixbleed-2-cve-2025-5777-before-public-poc #GreyNoise #ThreatIntel #CitrixBleed #Citrix #NetScaler

🩸& #threatintel | We (@greynoise) just published a quick note (https://www.greynoise.io/blog/exploitation-citrixbleed-2-cve-2025-5777-before-public-poc) regarding CVE-2025-5777 - CitrixBleed 2The main takeaway is we, first hand, observed exploitation almost two weeks before the P…

GreyNoise blog just out about #CitrixBleed2, they see exploitation from IPs in China from June 23rd targeting specifically Netscaler appliances https://www.greynoise.io/blog/exploitation-citrixbleed-2-cve-2025-5777-before-public-poc

I've created a pull request to detect CitrixBleed 2 into Burp's Bcheck repository: https://github.com/PortSwigger/BChecks/pull/253The code is here if you want to give it a try: https://github.com/felmoltor/BChecks/blob/main/vulnerabilities-CVEd/CVE-2025-5777%20-%20CitrixBleed%202…

CitrixBleed 2 Exposed: Hackers Exploited CVE-2025-5777 Before the World Knew It ExistedZero-Day Nightmare: A Race Against Time A shocking new cybersecurity incident has rattled the IT world. Security researchers at GreyNoise have uncovered a troubling exploit—CVE-2025-5777, now k…

@GossiTheDog @christopherkunzhttps://www.netscaler.com/blog/news/evaluating-netscaler-logs-for-indicators-of-attempted-exploitation-of-cve-2025-5777/'Evaluating NetScaler logs for indicators of attempted exploitation of CVE-2025-5777'

Citrix have a blog out about hunting for #CitrixBleed2 https://www.netscaler.com/blog/news/evaluating-netscaler-logs-for-indicators-of-attempted-exploitation-of-cve-2025-5777/It's what was in my earlier blog - look for invalid characters in the username field and duplicate sessio…

“A critical Citrix NetScaler vulnerability, tracked as CVE-2025-5777 and dubbed 'CitrixBleed 2,' was actively exploited nearly two weeks before proof-of-concept (PoC) exploits were made public, despite Citrix stating that there was no evidence of attacks.”https://www.bleepingcomp…

#citrixbleed2 Latest news from Holland is that the Dutch Public Prosecution office (Openbaar Ministerie) is down (disconnected from Internet) quite likely (from the various reporting) due to an exploited cve-2025-5777. https://www.nrc.nl/nieuws/2025/07/18/openbaar-ministerie-is-o…

Updated #CitrixBleed2 scans https://github.com/GossiTheDog/scanning/blob/main/CVE-2025-5777-CitrixBleed2-ElectricBoogaloo-patching.txtFields - IP, SSL certification hostnames, Netscaler firmware, if vulnerable to CVE-2025-5777I've had a few orgs contest that they're not vulnerabl…

Saturday afternoon, Dutch OM still not reconnected to the Internet after Citrix cve-2025-5777 exploit https://www.nrc.nl/nieuws/2025/07/19/digitale-werkomgeving-openbaar-ministerie-nog-steeds-uit-de-lucht-a4900727 #citrixbleed2

The Canadian government cyber centre are this weekend recommending all orgs review historic logs for #CitrixBleed2 compromise, and reset all user sessions https://www.cyber.gc.ca/en/alerts-advisories/vulnerabilities-impacting-citrix-netscaler-adc-netscaler-gateway-cve-2025-5349-…

@GossiTheDog Looks like Arctic Wolf referenced your info as well! https://arcticwolf.com/resources/blog/follow-up-updates-on-actively-exploited-information-disclosure-vulnerability-citrix-bleed-2-in-citrix-netscaler-adc-and-gateway-cve-2025-5777/Meanwhile still have yet to hear f…

Okay, FFS. We now have concurrent exploitation for:Fortinet: https://www.cve.org/CVERecord/SearchResults?query=CVE-2025-25257Citrix (2): https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5777 and https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2025-5349Microsoft: https:/…

Greenshot 1.3.290 als finale Version freigegeben korrigiert eine Sicherheitslücke (CVE-2023-34634)https://www.deskmodder.de/blog/2025/07/16/greenshot-1-3-290-als-finale-version-freigegeben-korrigiert-eine-sicherheitsluecke-cve-2023-34634/

Greenshot sollten sich alle anschauen, die öfters Screenshots unter Windows oder macOS machen.https://www.deskmodder.de/blog/2025/07/18/greenshot-1-3-290-als-finale-version-freigegeben-korrigiert-eine-sicherheitsluecke-cve-2023-34634/

[RSS] CVE-2025-5333 - CVSS 9.5: Remote Code Execution in Broadcom Symantec Endpoint Management Suite (Altiris)https://www.lrqa.com/en/cyber-labs/remote-code-execution-in-broadcom-altiris-irm/

Global Security Crisis: CVE-2025-5333 Exposes Millions to Remote Code Execution via Symantec Endpoint SuiteThe Invisible Threat Lurking Inside Enterprise Networks A newly disclosed vulnerability in Broadcom’s Symantec Endpoint Management Suite has sent shockwaves across the cyber…

CVE-2025-6554 marks the fifth actively exploited Chrome Zero-Day patched by Google in 2025 https://securityaffairs.com/180001/hacking/cve-2025-6554-marks-the-fifth-actively-exploited-chrome-zero-day-patched-by-google-in-2025.html#cyberseurity #chrome #Zeroday

Google Urgently Patches Six Critical Chrome Vulnerabilities, Including Active Zero-Days Exploited by HackersIn a recent security update, Google has patched six serious vulnerabilities in its Chrome browser, including two actively exploited zero-day flaws that put millions of user…

Google Chrome, fix in emergenza per un bug critico che porta ad una sandbox escapeGoogle ha rilasciato un aggiornamento di emergenza per il browser Chrome, eliminando sei vulnerabilità contemporaneamente, una delle quali è già attivamente sfruttata in attacchi reali. Il problema …

#InfoSec well the actual winner was of course Fortinet with a corker 9.6 SQLi-to-RCE pivot https://fortiguard.fortinet.com/psirt/FG-IR-25-151 but Citrix came in late with a top notch 9.3 bleeding memory attack https://www.netscaler.com/blog/news/netscaler-critical-security-update…

The Canadian government cyber centre are this weekend recommending all orgs review historic logs for #CitrixBleed2 compromise, and reset all user sessions https://www.cyber.gc.ca/en/alerts-advisories/vulnerabilities-impacting-citrix-netscaler-adc-netscaler-gateway-cve-2025-5349-…

[RSS] CVE-2025-4919: Corruption via Math Space in Mozilla Firefoxhttps://www.thezdi.com/blog/2025/7/14/cve-2025-4919-corruption-via-math-space-in-mozilla-firefox

This Week in Security: Trains, Fake Homebrew, and AI Auto-HackingThere’s a train vulnerability making the rounds this week. The research comes from [midwestneil], who first discovered an issue way back in 2012, and tried to raise the alarm.Turns out you can just hack any train in…