Three separate campaigns are targeting the critical flaw (CVE-2023-3519) in Citris NetScaler ADC and Gateway devices.
Organizations are urged to apply patches for the flaw in Netscaler (formerly Citrix) ADC and Gateway products.
APT5, a Chinese threat group, has used a newly discovered flaw (CVE-2022-27518) in Citrix ADC and Gateway to target a small number of organizations.
Attackers have historically exploited vulnerabilities in Citrix Gateway and ADC in order to target organizations.
Citrix has released software mitigations to help prevent DDoS attacks using its ADC and Gateway appliances.