The Unpatchables: How Citrix turned into a welcome mat
In July 2025, the Netherlands faced a crisis that unfolded not in public squares but across invisible networks. The Public Prosecution Service, several courts, and parts of the Ministry of Justice were forced to halt operations. Hearings were postponed, case files became inaccessible, and whole sections of the justice system were brought to a standstill. The cause was not ransomware flashing on screens or stolen data dumped online. It was the silent exploitation of Citrix NetScaler — a remote-access system used by thousands of organisations to let staff work securely from anywhere. Think of Citrix as a heavily guarded front door to an office: only authorised people can enter, and it keeps prying eyes out. In theory. In July, that door had both a faulty lock and an absent guard. ...