Citrix Devices Under Attack: NetScaler Flaw Exploited to Capture User Credentials

A recently disclosed critical flaw in Citrix NetScaler ADC and Gateway devices is being exploited by threat actors to conduct a credential harvesting campaign.
IBM X-Force, which uncovered the activity last month, said adversaries exploited "CVE-2023-3519 to attack unpatched NetScaler Gateways to insert a malicious script into the HTML content of the authentication web page to capture user

adc adversaries attack campaign capture citrix citrix netscaler citrix netscaler adc credential credential harvesting credentials critical critical flaw cve cve-2023-3519 devices exploited flaw gateway html ibm ibm x-force malicious netscaler netscaler adc script threat threat actors uncovered under unpatched x-force