SPIN Unprocessed July 2, 2026 ai_technology cybersecurity
Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials
View original on thehackernews.comSummary
Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. "Although tactics differ between affiliates, common patterns emerged in tradecraft through use of legitimate Remote Management and Monitoring (RMM) tooling, credential access, and hands-on-keyboard procedures used for lateral
SpinGraph analysis pending — check back after processing.
Ask AI about this story
Opens with the SpinGraph .md URL and structured context — one click, prompt included.
More from The Hacker News
View all →- 19-Year-Old Scattered Spider Suspect Extradited to Face U.S. Hacking Charges
- Unpatched Argo CD Repo-Server Flaw Could Let Attackers Take Over Kubernetes Clusters
- SharePoint RCE CVE-2026-45659 Added to CISA KEV After Active Exploitation
- New ChocoPoC RAT Targets Vulnerability Researchers via Fake PoC Exploit Repos
- FortiBleed Credential Theft Linked to INC and Lynx Ransomware Operations
- AI Agent Exploits Langflow RCE to Automate Database Ransomware Attack
Markdown (.md) · JSON-LD schema (.json) · Machine-readable for AI & GEO