Recorded Future reports:
The federal cybersecurity watchdog ordered all civilian agencies to immediately patch a vulnerability impacting several NetScaler products used by organizations to manage network traffic.
The Cybersecurity and Infrastructure Security Agency (CISA) added the bug — tracked as CVE-2025-5777 — to its catalog of known exploited vulnerabilities on Thursday afternoon but took the extraordinary step of giving federal civilian agencies just one day to patch it.
When asked why the bug had the shortest patching deadline ever issued by the agency, CISA Acting Executive Assistant Director for Cybersecurity Chris Butera said the vulnerability — which he referred to by its colloquial name “Citrix Bleed 2” — poses “a significant, unacceptable risk to the security of the federal civilian enterprise.”
Read more at Recorded Future.
