Over 1,200 Citrix NetScaler ADC and Gateway appliances remain unpatched against the critical CVE-2025-5777 vulnerability, which allows attackers to hijack user sessions and bypass authentication. Despite Citrix's assertion that there is no evidence of exploitation, cybersecurity firms report medium confidence that the flaw is being actively targeted. Administrators are urged to apply patches and monitor for suspicious activity on their systems.