Threat actors associated with the Anubis ransomware operation have been observed exploiting the Citrix Bleed 2 (CVE-2025-5777) vulnerability to obtain initial access. "Although tactics differ between ...
Fake CVE exploit repos pull frint and skytext packages to steal researcher credentials, with servers still live as of July 1.