A critical vulnerability in Citrix NetScaler, tracked as CVE-2025-6543, has been exploited to breach multiple critical organizations in the Netherlands, allowing attackers to achieve remote code execution. The Netherlands' National Cyber Security Centre warns that the flaw, initially thought to cause denial of service attacks, has been actively exploited since early May, with successful attacks resulting in the erasure of evidence. Organizations are urged to upgrade their systems to mitigate risks associated with this zero-day vulnerability.

Citrix has addressed three vulnerabilities in its NetScaler ADC and Gateway, including a critical remote code execution flaw (CVE-2025-7775) that is being actively exploited. Users are urged to update their firmware as there are no available mitigations for the vulnerability. Additional vulnerabilities related to memory overflow and improper access control have also been identified and patched.