Citrix has pushed out fixes for three fresh NetScaler holes – and yes, they've already been used in the wild before the vendor got around to patching.
The flaws, tracked as CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424, affect NetScaler ADC and NetScaler Gateway appliances.
Security researcher Kevin Beaumont confirmed that they've been used as zero-days, meaning attackers were inside before the vendor's patch cycle caught up. He singled out CVE-2025-7775 as "the main problem" – a pre-auth remote code execution bug that's being abused to drop webshells and backdoor appliances. Citrix itself describes it as a memory overflow bug that can be abused for remote code execution or denial of service, and it's been slapped with a CVSS score of 9.2.
Beaumont added that affected organizations wil