"A critical security flaw in Citrix NetScaler ADC and NetScaler Gateway (CVE-2026-3055, CVSS score: 9.3) has come under active exploitation as of March 27, 2026. The vulnerability refers to a case of insufficient input validation leading to memory overread, which an attacker could exploit to leak potentially sensitive information."
"The U.S. Federal Bureau of Investigation (FBI) confirmed that threat actors gained access to an email account belonging to FBI Director Kash Patel, but said no government information has been compromised."
"The Iran-linked hacker group Handala claimed responsibility for the hack, releasing files allegedly representing photos, emails, and classified documents taken from the FBI director's inbox."
"A new evolution of the GlassWorm campaign is delivering a multi-stage framework capable of complex operations, indicating a shift in attack methods and persistence in cyber threats."
A critical security flaw in Citrix NetScaler ADC and Gateway has been actively exploited, allowing attackers to leak sensitive information. The FBI confirmed that Director Kash Patel's personal email was hacked by the Iran-linked group Handala, although no government information was compromised. The hackers claimed responsibility, stating they breached the FBI's systems quickly. Additionally, the GlassWorm campaign has evolved to deliver a multi-stage framework, indicating a shift in attack methods and persistence in cyber threats.
Read at The Hacker News
Unable to calculate read time
Collection
[
|
...
]