Topic: session hijacking
-
Secure Your Web Edge: Stop Browser-Based Breaches Now
Modern web browsers are central to enterprise operations but also a major security vulnerability, increasingly targeted by cybercriminals for identity intrusions and data theft. A webinar on September 29th will explore how browsers are weaponized, covering attack methods like session hijacking an...
Read More » -
Hackers Exploit New 'CitrixBleed 2' NetScaler Flaw to Hijack Sessions
A new vulnerability dubbed "CitrixBleed 2" in Citrix NetScaler ADC and Gateway systems allows attackers to hijack sessions and bypass security, similar to a previous flaw. Two critical vulnerabilities (CVE-2025-5777 and CVE-2025-5349) affect NetScaler systems, with the more severe one enabling un...
Read More » -
6 Browser Threats Your Security Team Must Prepare for in 2025
The browser is now a primary attack surface for cyber threats, targeting cloud applications and corporate data through sophisticated campaigns. Key browser-based threats include phishing for credentials and sessions, malicious code delivery, and malicious OAuth integrations, which bypass traditio...
Read More » -
1,200+ Citrix servers vulnerable to critical auth bypass flaw
Over 1,200 Citrix NetScaler systems remain vulnerable to CVE-2025-5777, a severe authentication bypass flaw enabling session hijacking and MFA bypass, with potential active exploitation despite Citrix's denial. The flaw, dubbed "Citrix Bleed 2," allows attackers to steal session tokens and creden...
Read More » -
Beyond Email: The New Frontier of Phishing Attacks
Phishing attacks are increasingly moving beyond email to exploit social media, messaging apps, and malicious ads, challenging traditional email-focused security defenses. These multi-channel attacks use sophisticated obfuscation techniques to evade detection and often target core identity platfor...
Read More » -
CitrixBleed 2 Vulnerability Actively Exploited
A critical vulnerability in Citrix NetScaler systems (CVE-2025-5777, CVSS 9.3), dubbed CitrixBleed 2, allows attackers to bypass authentication and compromise user sessions, similar to the 2023 CitrixBleed exploit. Attackers are actively exploiting the flaw, using tactics like MFA bypass, session...
Read More »
