LockBit Ransomware Exploiting Critical Citrix Bleed Vulnerability to Break In

Multiple threat attackers, including LockBit ransomware affiliates, are exploiting a critical security flaw in Citrix NetScaler appliances to gain initial access to target environments. Relevant authorities have issued a joint advisory about the security flaw, dubbed as “Citrix Bleed,” which bypasses standard security measures leading to session hijacking. Despite Citrix addressing the issue, the vulnerability continues to be exploited, particularly by LockBit, highlighting the persistent threat of vulnerabilities in exposed services in ransomware attacks.