Security · 2h ago
Anubis Ransomware Exploits Citrix Bleed 2 for Initial Access
Anubis ransomware affiliates are exploiting the Citrix Bleed 2 vulnerability (CVE-2025-5777) to breach networks. They use legitimate RMM tools and credential theft for lateral movement. The campaign highlights ongoing risks from unpatched Citrix appliances.
Meridian48 take
The story underscores how quickly vulnerability disclosures become ransomware fodder, but the real news is the continued reliance on stolen credentials and living-off-the-land tactics.
Read the full reporting: Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials (The Hacker News)
ransomware, citrix-bleed