"Over 640 Citrix Servers Backdoored With Web Shells in Ongoing Attacks"

Hundreds of Citrix Netscaler ADC and Gateway servers have been compromised and backdoored in a series of attacks targeting a critical Remote Code Execution (RCE) flaw, tracked as CVE-2023-3519. The vulnerability has been exploited as a zero-day to breach the network of a US critical infrastructure organization. Shadowserver Foundation security researchers have revealed that the attackers had deployed web shells on at least 640 Citrix servers in these attacks. This article continues to discuss Citrix Netscaler ADC and Gateway servers being breached and backdoored in attacks targeting an RCE vulnerability. 

Bleeping Computer reports "Over 640 Citrix Servers Backdoored With Web Shells in Ongoing Attacks"