New #CitrixBleed blog (where the vendor has moved it from Citrix.com to a different website).

Essential point is run the commands to kill active sessions. I have more to come on this point, somebody harvested session tokens from almost every box on the internet.

https://www.netscaler.com/blog/news/netscaler-investigation-recommendations-for-cve-2023-4966/