Citrix Bleed 2 | CyberSpace | S2E15

Show Notes

Josh and Robbie run duos on the pod this week, looking into early information around the recent Citrix vulnerability (CVE-2025-5777) dubbed Bleed 2 for it's similarity to the 2023 vulnerability. Bleed 2 has opened old wounds, and there has been some confusion amongst researchers and defenders due to a few rouge PoC exploits in the wild... I'm sure we'll come back to this exploit as related compromises are disclosed in the following weeks. For the second part, Robbie and Josh look at a simpler technique, email bombing, and how it has been adapted into active campaigns.

Support the show