Tech companies, professional services organizations, and government entities have been subjected to attacks exploiting a critical information disclosure vulnerability in Citrix NetScaler Application Delivery Controller and NetScaler Gateway instances, tracked as CVE-2023-4966, since late August, or about two months prior to the release of a fix, reports The Register.