Topic: session token theft
- WatchGuard Firewalls Hacked, Fake PoCs Target Security Pros
Critical vulnerabilities in widely used firewalls like WatchGuard are being actively exploited, requiring immediate patching to prevent network breaches. Threat actors are deploying sophisticated social engineering, such as malware disguised as exploit code, and leveraging darknet AI assistants t...

- 3,000+ Unpatched NetScaler Devices Vulnerable to CitrixBleed 2
Over 3,300 Citrix NetScaler systems remain unpatched against CVE-2025-5777 (CitrixBleed 2), exposing organizations to session hijacking and data theft despite available fixes. The flaw allows attackers to bypass authentication, intercept session tokens, and compromise credentials, with active exp...

- Urgent: Patch Citrix Bleed 2 NetScaler flaw as exploits go public
A critical Citrix NetScaler vulnerability (CVE-2025-5777) allows attackers to steal session tokens by exploiting malformed login requests to dump memory contents, similar to last year's CitrixBleed flaw. The flaw arises from improper use of the snprintf function, leaking ~127 bytes of memory per ...