• US National Security Agency (NSA) has released an advisory warning of exploitation inthe-wild of Citrix products by APT5 (also known as UNC2630 and MANGANESE), a threat actor attributed to China.

• The impacted product is Citrix Application Delivery Controller (ADC), formerly known as NetScaler, which provides orchestration and automation for applications across cloud or hybrid environments.

• The vulnerability, CVE-2022-27518 , has been addressed by an update released by Citrix.