BTC $71,807
2026 Bull Run Is Building Start trading with 5% OFF all fees
Sign Up Now
BTC $71,807
Bull Run 2026 | 5% Off Fees Open your Binance account today
Sign Up

CISA Adds Four New Exploited Vulnerabilities, Citrix Bleed 2 Active

Federal agencies are advised to apply required security updates by July 28, 2025.

  • CISA added four new actively exploited vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
  • The affected software includes Multi-Router Looking Glass, PHPMailer, Ruby on Rails Action View, and Zimbra Collaboration Suite.
  • Researchers identified active exploitation of two critical vulnerabilities in Citrix NetScaler ADC (CVE-2025-5777 and CVE-2025-6543).
  • Attackers exploit the Citrix Bleed 2 flaw to leak sensitive information such as credentials and session tokens.

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added four software vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog on July 8, 2025, after confirming they are under active exploitation. The affected products include Multi-Router Looking Glass (MRLG), PHPMailer, Ruby on Rails Action View, and Zimbra Collaboration Suite.

- Advertisement -

According to CISA, the newly listed vulnerabilities are: a buffer overflow in MRLG (CVE-2014-3931), a command injection in PHPMailer (CVE-2016-10033), a path traversal in Ruby on Rails Action View (CVE-2019-5418), and a server-side request forgery in Zimbra Collaboration Suite (CVE-2019-9621). These flaws allow various attacks such as remote code execution, memory corruption, sensitive file exposure, and unauthorized system access.

There are currently no public reports describing real-world exploit techniques for the first three vulnerabilities. However, CISA noted that CVE-2019-9621 in Zimbra was previously linked to a China-based group called Earth Lusca, which used it to install persistent threats like web shells and launch attack tools such as Cobalt Strike.

CISA recommends that all Federal Civilian Executive Branch agencies install official updates for affected products no later than July 28, 2025, to mitigate risk.

In a related development, security researchers from watchTowr Labs and Horizon3.ai released technical assessments of an ongoing campaign targeting Citrix NetScaler ADC through a flaw called Citrix Bleed 2 (CVE-2025-5777). Attackers are using this vulnerability to read memory directly, exposing items such as credentials and session tokens.

- Advertisement -

watchTowr CEO Benjamin Harris stated, “We’re seeing active exploitation of both CVE-2025-5777 and CVE-2025-6543 in the wild.” The vulnerability allows attackers to make crafted requests that reveal uninitialized memory data, which can include sensitive information. Horizon3.ai explained that each exploit attempt can disclose up to 127 bytes, and repeated attempts could eventually yield valuable data.

The flaw stems from an unsafe use of the “snprintf” function, which formats memory into responses based on user input.

These ongoing vulnerabilities highlight the need for organizations to regularly apply security updates and monitor advisories for emerging attack techniques.

✅ Follow BITNEWSBOT on Telegram, Facebook, LinkedIn, X.com, and Google News for instant updates.

Previous Articles:

- Advertisement -
Ad
Altseason Is Loading. Don't watch from the sidelines.
SOL $90.51
DOGE $0.0963
LINK $9.02
SUI $1.00
5% off fees when you sign up
Start Trading
Ad
Pay Less on Every Trade. For Life.
$10K/mo volume Save $60/yr
$50K/mo volume Save $300/yr
$100K/mo volume Save $600/yr
5% off all trading fees when you sign up
Claim Your Discount

Latest News

WordPress core hit by zero-click RCE bug, patch now live

WordPress patched a pre-authentication remote code execution flaw in versions 6.9.5 and 7.0.2 on...

ECB: Stablecoin growth puts European bank deposits at risk

ECB board member Piero Cipollone warned Friday that stablecoin growth could strip European banks...

Tesla Launches Megacharger Network with Bloomington Station

Tesla opened a new public Megacharger station in Bloomington, California, calling it the start...

Apple Overtakes Nvidia as World’s Most Valuable Public Company

Apple briefly surpassed NVIDIA as the world’s most valuable publicly traded company, hitting an...

Galaxy Digital buys naming rights to Texas Tech stadium in 15-year deal

Galaxy Digital signed a 15-year naming rights deal with Texas Tech, renaming the football...

Must Read

How to Set Up a Simple Bitcoin Tip Jar for Your Site or Stream

QUICK LINKSWhat a tip jar is, in plain wordsWhat you needBuild a payment link that just worksAdd a QR code that actually scansWhere to...
Ad
Altseason Is Loading. These 4 coins are trending right now.
SOL $92.12
DOGE $0.0950
LINK $9.02
SUI $1.02
5% off spot fees when you sign up
Start Trading