The Week Trusted Software Turned Hostile: ShareFile, Citrix Bleed 2, and AI Coding Attacks

Automated bug-hunting is cutting both ways, and old flaws are still landing hits because patches sat in a queue.

ThreatVectr Newsdesk· 4 min read
Full-frame photoreal editorial shot of a dim server room with rows of blinking network equipment, one rack door slightly ajar, a faint blue glow spilling across
Share

Key points

  • Attackers are using the same automated bug-finding tools as defenders, but without the paperwork or the patience.
  • Ransomware crews are still exploiting a Citrix flaw known as Citrix Bleed 2, months after a fix was available.
  • Citrix ShareFile, a file-sharing service used by businesses, is being abused to deliver attacks that ride in on trusted software.
  • AI coding assistants have become a fresh target, with criminals slipping malicious instructions into the tools developers rely on.
  • Many of this week's incidents trace back to patches that existed but were not applied in time.

Somewhere right now, a piece of security software is finding bugs faster than any human could triage them. That is meant to be the good news.

The bad news is that the criminals have the same tools, pointed the other way. They do not file tickets. They do not wait for a maintenance window.

That is the shape of the week, according to a roundup first published by The Hacker News. Trusted software is turning on the people who installed it. Flaws from last year are still landing hits because the fix sat in a queue too long.

What actually happened this week?

Three threads are worth pulling on, and each one touches ordinary users more than it looks.

The first is Citrix Bleed 2, a nickname for a serious flaw in Citrix's remote-access gear. Citrix sells the software that lets office workers log in from home. The bug lets attackers grab session tokens, which are the little digital passes your browser holds after you sign in. Steal the pass, skip the login. That means skipping the password and, crucially, skipping multi-factor authentication (MFA), the second step where you approve a login on your phone.

Ransomware crews, criminals who lock up a company's files and demand payment, are actively using this flaw to walk into corporate networks. A patch exists. Not everyone has installed it.

Would MFA have helped? Honestly, no. Not on its own. When the attacker steals the session token after you have already logged in, your phone tap has already happened. This is why the industry keeps talking about token binding and shorter session lifetimes, ideas set out in specifications like RFC 8705. In plain English: tie the digital pass to the specific device that earned it, so a thief cannot just carry it away.

The ShareFile problem

Citrix ShareFile is a file-sharing service. Companies use it to send documents to clients. Attackers are now abusing it to deliver malicious files that arrive wrapped in a name the recipient trusts.

If a link comes from ShareFile, it looks legitimate. It often is legitimate, until it isn't. Staff have been trained for years to trust known brands in the sender line. That training is now working against them.

AI coding assistants under attack

The third thread is newer. Developers increasingly use AI assistants to write code. Researchers have shown that attackers can plant hidden instructions in places the AI reads, like public code repositories or documentation pages. The AI then quietly follows those instructions, writing code that includes a back door or leaks a secret key.

This is called prompt injection. Think of it as writing graffiti on a wall that only the robot can see, and the robot does what the graffiti says.

What should ordinary people do?

If your employer uses Citrix products, ask whether the Citrix Bleed 2 patch is applied. It is a fair question. If a ShareFile link arrives unexpectedly, confirm it with the sender through a different channel before opening anything.

And if you write code with an AI assistant, treat its output the way you would treat code from a stranger on the internet. Read it. Test it. Do not paste it into production because it looked confident.

The pattern this week is not exotic. It is patches unapplied, trust misplaced, and new tools racing ahead of the safety rails. Same story, new week.

© 2026 Threat Vectr