attackers exploiting the citrixbleed 2 flaw are hijacking sessions on netscaler devices protected by multi-factor authentication and deploying dragonforce ransomware within sixty minutes of entry, across multiple sectors with an apparently repeatable playbook. mfa is widely treated as the floor of enterprise security; a routine, sub-hour bypass of it is a structural failure, not an isolated breach.