1. Forum
  2. tqwNet
  3. TQW_GENTECH

  • New AI-powered HexStrike tool is being used to target multiple Ci

    From TechnologyDaily@1337:1/100 to All on Thu Sep 4 15:30:08 2025
    New AI-powered HexStrike tool is being used to target multiple Citrix
    security flaws

    Date:
    Thu, 04 Sep 2025 14:27:00 +0000

    Description:
    Hackers up the ante with vulnerability abuse automation through a legitimate red teaming tool.

    FULL STORY ======================================================================A legitimate red teaming tool called HexStrike-AI is drawing the attention of the wrong crowd Researchers are seeing "chatter" about the tool being leveraged to exploit known Citrix flaws The patching window for system administrators keeps shrinking

    Cybercriminals are using a legitimate red teaming tool to automate the exploitation of n-day vulnerabilities, reducing the time businesses have to fix flaws from days to literal minutes.

    Security experts at Check Point Research said they observed chatter around
    the dark web of a tool called HexStrike-AI, an open source offensive security framework that connects large language models such as GPT, Claude, and
    Copilot with cybersecurity tools through the Model Context Protocol. It provides access to more than 150 tools for penetration testing, bug bounty automation, and vulnerability research, using multiple AI agents to manage workflows, analyze data, and run scanning, exploitation, or reporting tasks.

    It is powered by an Intelligent Decision Engine that selects and executes tools based on the target environment, and supports network analysis, web application testing, cloud security checks, reverse engineering, and OSINT. Citrix in the spotlight

    Check Point Research says that hackers are sharing information on how to deploy HexStrike-AI to take advantage of CVE-2025-7775, CVE-2025-7776, and CVE-2025-8424, three vulnerabilities recently discovered in Citrix NetScaler ADC and Gateway instances.

    The tool allegedly helped them achieve unauthenticated remote code execution which, in turn, allowed them to drop webshells and maintain persistence.

    While this chatter isnt evidence enough of abuse, if confirmed, the news
    would mean the exploitation time can be cut down from several days to a few minutes, leaving system administrators with an already small patching window, and even less time before attacks begin.

    "CVE-2025-7775 is already being exploited in the wild, and with Hexstrike-AI, the volume of attacks will only increase in the coming days, CPR warned.

    With this level of automation, keeping software updated without a patch management platform will probably be impossible.

    Via BleepingComputer You might also like Stop making excuses, start patching Take a look at our guide to the best authenticator app We've rounded up the best password managers



    ======================================================================
    Link to news story: https://www.techradar.com/pro/security/new-ai-powered-hexstrike-tool-is-being- used-to-target-multiple-citrix-security-flaws


    --- Mystic BBS v1.12 A49 (Linux/64)
    * Origin: tqwNet Technology News (1337:1/100)