Here you can find the latest news and developments in the VPN world. Read about new breakthroughs, bypassing online censorship, and much more!
CISA has added CVE-2026-20133, a Cisco Catalyst SD-WAN Manager vulnerability, to its Known Exploited Vulnerabilities catalog after confirming active exploitation. The agency gave U.S. federal…
A new FakeWallet campaign placed 26 fake crypto wallet apps inside Apple’s App Store, mainly targeting iPhone users in China. The apps copied well-known wallet…
The Gentlemen ransomware operation is expanding its attack toolkit with SystemBC, a proxy malware often used to hide malicious traffic and support post-compromise activity inside…
Microsoft has started rolling out its revamped Windows Insider Program, replacing the older channel structure with a simpler setup built around two main channels: Experimental…
A newly tracked threat group called UNC6692 is using Microsoft Teams chats to trick employees into installing a custom malware suite named Snow. The campaign…
A new extortion group known as BlackFile is using phone calls, fake IT support messages, and stolen login codes to break into corporate systems. The…
A newly disclosed Linux vulnerability called Pack2TheRoot can let a local unprivileged user gain root access through PackageKit, the system service used by many Linux…
The EU’s Digital Operational Resilience Act has changed how financial institutions need to treat passwords, privileged access, and authentication. Under DORA, weak credential management is…
More than 10,000 internet-exposed Zimbra Collaboration Suite servers remain vulnerable to an actively exploited cross-site scripting flaw, according to Shadowserver. The vulnerability, tracked as CVE-2025-48700,…
Hackers are actively exploiting a critical vulnerability in the Breeze Cache WordPress plugin that can let unauthenticated attackers upload arbitrary files to vulnerable websites. The…
Bitwarden has confirmed that a malicious version of its @bitwarden/cli npm package was briefly distributed through npm on April 22, 2026. The affected release, @bitwarden/[email protected],…
Rituals has confirmed a data breach involving its My Rituals membership database after an unauthorized party downloaded part of its members’ data in April 2026.…
Password resets are no longer just a routine IT task. Attackers now target help desks because a successful reset can give them legitimate access without…
The UK’s National Cyber Security Centre and international partners have warned that China-linked hackers are increasingly routing attacks through large covert networks of compromised routers,…
A newly documented China-aligned threat group called GopherWhisper has been using Slack, Discord, Microsoft 365 Outlook, and file.io to hide command-and-control traffic inside legitimate online…