Multiple threat actors, including LockBit ransomware affiliates, are exploiting a critical security flaw in Citrix NetScaler appliances to gain initial access to target environments. Relevant authorities have issued a joint advisory about the flaw, dubbed “Citrix Bleed,” which bypasses standard security measures and leads to session hijacking. Although Citrix has addressed the issue, the vulnerability continues to be exploited, particularly by LockBit, highlighting the persistent threat that vulnerabilities in exposed services pose in ransomware attacks.
