Patch-resistant autonomous exploits of Citrix NetScaler hardware hit thousands in Europe

Researchers have found an expansive and active threat campaign that exploited a severe Citrix NetScaler vulnerability to backdoor thousands of devices, including those that were subsequently patched.

Attackers automated the exploitation of the remote code execution vulnerability, tracked as CVE-2023-3519, to place Web shells on vulnerable devices. These were found to persist through patches and reboots.

Read more…