Attackers on underground forums claimed they were using HexStrike AI, an open-source red-teaming tool, against Citrix NetScaler vulnerabilities within hours of disclosure, according to Check Point cybersecurity evangelist Amit Weigman.

The AI tool, and its near-instantaneous adoption by cybercriminals, signal "the window between disclosure and mass exploitation shrinks dramatically," Weigman wrote in a Tuesday blog.

CVE-2025-7775, a critical, pre-auth remote code execution bug, was abused as a zero-day to drop webshells and backdoor appliances before Citrix issued a patch.

"And with HexStrike AI, the volume of attacks will only increase in the coming days," Weigman warned.

HexStrike AI is an AI-powered penetration testing framework developed by security researcher Muhammad Osama and re

See Full Page