{"uuid": "e42fe05c-8c19-493d-a90c-68baf75fe797", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2025-5777", "type": "seen", "source": "https://thehackernews.com/2026/07/ransomware-groups-turn-to-citrix-bleed.html", "content": "Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access.\n\n\"Although tactics differ between affiliates, common patterns emerged in tradecraft through use of legitimate Remote Management and Monitoring (RMM) tooling, credential access, and hands-on-keyboard procedures used for lateral", "creation_timestamp": "2026-07-03T01:00:41.564418Z"}