
The last few months have been a wake-up call for IT and business leaders alike. Citrix, Microsoft, Cisco, CrushFTP, even WinRAR — all dropped critical security alerts, and many of these flaws were already being exploited before the patches went live. The uncomfortable truth is that hackers, armed with AI, can now turn a newly discovered weakness into a working exploit in a matter of hours.
Take Citrix Bleed 2 (CVE-2025-5777). It allows attackers to hijack active sessions on NetScaler ADC and Gateway devices, bypassing even multi-factor authentication. In other words, your “strong” security controls don’t matter if the attacker is already inside your session. Another big one came from Microsoft: a SharePoint flaw (CVE-2025-53770) that let attackers forge machine keys and execute code remotely. That vulnerability has already been tied to a breach of Canada’s House of Commons.

Cisco’s firewall had a CVSS 10.0 flaw in its RADIUS subsystem, CrushFTP had a zero-day that gave attackers admin access, and WinRAR — yes, the decades-old file compression tool — was used to sneak in malware disguised as job application files. These aren’t niche products; they’re everywhere in business environments.
What’s different now is the AI factor. Researchers have shown that large language models can generate proof-of-concept exploit code in minutes. Attack groups like GTG-2002 are already automating reconnaissance, privilege escalation, and even ransom negotiations. The days of having “a few weeks to patch” are gone.
For business leaders, this changes patching from a maintenance task to a survival strategy. You can’t afford to treat updates as something IT handles once a quarter. The playbook must shift toward automation, risk-based prioritization, and aiming for a 72-hour patch turnaround on critical vulnerabilities.
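As an added illustration (not code from the article or from any vendor), here is one way to put the risk-based prioritization and 72-hour target described above into practice. The asset names, timestamps, lower-tier windows, and sort order are assumptions, and the inventory is constructed.

```python
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone

CRITICAL_SLA = timedelta(hours=72)  # the article's target for critical flaws
# Assumption: windows for lower tiers are illustrative, not from the article.
OTHER_SLA = {"high": timedelta(days=14), "medium": timedelta(days=30),
             "low": timedelta(days=90)}

@dataclass
class Finding:
    asset: str
    cve: str
    severity: str          # scanner rating: critical, high, medium, low
    exploited: bool        # exploitation in the wild has been reported
    internet_facing: bool
    opened: datetime       # when the finding was opened in your tracker

def deadline(f: Finding) -> datetime:
    # Active exploitation overrides the score: treat it as critical.
    if f.exploited or f.severity == "critical":
        return f.opened + CRITICAL_SLA
    return f.opened + OTHER_SLA[f.severity]

def triage(findings, now):
    """Return (finding, deadline, overdue) rows, most urgent first."""
    rows = [(f, deadline(f), now > deadline(f)) for f in findings]
    # Exploited first, then internet-facing, then earliest deadline.
    rows.sort(key=lambda r: (not r[0].exploited, not r[0].internet_facing, r[1]))
    return rows

# Constructed inventory: assets and timestamps are made up for the example.
NOW = datetime(2025, 9, 1, 12, 0, tzinfo=timezone.utc)
SAMPLE = [
    Finding("build-server-03", "CVE-0000-00000 (placeholder)", "high",
            False, False, NOW - timedelta(days=10)),
    Finding("sharepoint-01", "CVE-2025-53770", "critical",
            True, False, NOW - timedelta(hours=24)),
    Finding("netscaler-gw-01", "CVE-2025-5777", "critical",
            True, True, NOW - timedelta(hours=80)),
]

if __name__ == "__main__":
    for f, due, late in triage(SAMPLE, NOW):
        status = "OVERDUE" if late else "due " + due.isoformat()
        print(f"{f.asset:18} {f.cve:30} {status}")
```

Feeding this from a scanner export and a known-exploited list turns the 72-hour goal into a queue with measurable breaches.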