The Citrix Bleed vulnerability, used by LockBit 3.0 affiliates, enables threat actors to bypass password requirements and multifactor authentication (MFA), allowing them to hijack legitimate user sessions on Citrix NetScaler ADC and Gateway appliances.