Credential Harvesting Campaign Targets Unpatched NetScaler Instances. Threat actors are targeting Citrix NetScaler instances unpatched against CVE-2023-3519 to steal user credentials. #CredentialHarvesting #NetScalerInstances #Cybersecurity

Summary: A credential harvesting campaign is exploiting a vulnerability in unpatched Citrix NetScaler gateways to steal user credentials. The campaign involves injecting a PHP web shell and custom HTML code to the authentication page, collecting user credentials, and sending them to a remote server. Organizations are advised to patch their NetScaler gateways and change passwords as part of remediation efforts. #CybersecurityNews #CredentialHarvestingCampaign #NetScalerVulnerability

https://www.securityweek.com/credential-harvesting-campaign-targets-unpatched-netscaler-instances/