HackerFeeds

CyberSecurity News

Ransomware Groups Turn to Citrix Bleed 2, BYOVD, and Supply Chain Credentials

The Hacker News
· July 2, 2026

AI summary

Threat actors linked to the Anubis ransomware operation are exploiting the Citrix Bleed 2 vulnerability to gain initial access. These actors are using various tactics, but common patterns have emerged, including the use of legitimate Remote Management and Monitoring tooling and credential access. Hands-on-keyboard procedures are also being used for lateral movement. The exploitation of Citrix Bleed 2 is part of a broader set of techniques that include Bring Your Own Vulnerable Driver (BYOVD) and the use of supply chain credentials.

Read the full article at The Hacker Newsthehackernews.com/2026/07/ransomware-groups-turn-to-citrix-bleed.html

This is an AI-generated brief aggregated by HackerFeeds for convenience and grounded in the source’s own summary; the related CVE, threat-group and country data is from HackerFeeds’ own indexes. The original article is the authoritative source — all rights belong to The Hacker News.