Collecting Cyber-News from over 60 sources

Tag: vpn

ExpressVPN Is on Sale for $40: A Great Deal for Remote Teams

Jun 8, 2026 6:42 PM

Tags: vpn

For remote workers and IT professionals juggling multiple devices, this VPN deal is worth a serious look. The post ExpressVPN Is on Sale for $40: A Great Deal for Remote Teams appeared first on TechRepublic. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/expressvpn-basic-1-year-subscription/
Critical Check Point VPN Flaw Exploited to Bypass Passwords in IKEv1 Setups

Jun 8, 2026 5:42 PM

Tags: access, cve, exploit, flaw, mobile, password, vpn, vulnerability

Check Point has warned of active exploitation of a critical vulnerability impacting Remote Access VPN and Mobile Access deployments that are configured to use the deprecated IKEv1 key exchange protocol.The vulnerability, tracked as CVE-2026-50751 (CVSS score: 9.3), is a case of a logic flow weakness in certificate validation that allows an unauthenticated remote attacker to…
Check Point Firewalls und Spark Firewalls betroffen – Check Point warnt vor aktiv ausgenutzter VPN-Schwachstelle

Jun 8, 2026 4:42 PM

Tags: firewall, vpn, vulnerability

First seen on security-insider.de Jump to article: www.security-insider.de/check-point-aktiv-ausgenutzte-vpn-schwachstelle-cve-2026-50751-ikev1-hotfix-a-6d868821bf399b6b37e35a8c867a6f18/
Qilin ransomware affiliate exploited Check Point VPN zero-day (CVE-2026-50751)

Jun 8, 2026 3:44 PM

Tags: access, authentication, cve, exploit, mobile, ransomware, vpn, vulnerability, zero-day

A Qilin ransomware affiliate is believed to be exploiting CVE-2026-50751, an authentication bypass vulnerability in Check Point VPN Remote Access and Mobile Access, the … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/08/check-point-cve-2026-50751-qilin-ransomware/
Check Point links VPN zero-day attacks to Qilin ransomware gang

Jun 8, 2026 3:44 PM

Tags: access, attack, cybersecurity, exploit, flaw, mobile, ransomware, update, vpn, zero-day

Israeli cybersecurity company Check Point has released security updates to patch a critical flaw affecting Remote Access VPN and Mobile Access deployments, which was exploited in zero-day attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/check-point-links-vpn-zero-day-attacks-to-qilin-ransomware-gang/
Malicious Browser Add-Ons Target Major AI Chatbot Users

Jun 5, 2026 11:42 AM

Tags: ai, browser, chatgpt, chrome, cyber, data, malicious, threat, vpn

Malicious browser add-ons are actively harvesting conversations and personal data from users of major AI platforms including ChatGPT, Claude, Copilot, Gemini, and DeepSeek. The threat leverages ostensibly helpful Chrome extensions VPNs, sidebars, and “AI assistants” to intercept agentic-AI interactions, exfiltrate chat histories, and aggregate sensitive information that users routinely share with generative models. Analysis of…
CISA Warns of Active Exploitation of Palo Alto Networks PAN-OS Vulnerability

Jun 2, 2026 1:42 PM

Tags: access, authentication, cisa, control, cve, cyber, cybersecurity, exploit, flaw, infrastructure, network, threat, unauthorized, vpn, vulnerability

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has issued an urgent alert warning that threat actors are actively exploiting a critical vulnerability in Palo Alto Networks PAN-OS, tracked as CVE-2026-0257. The flaw, categorized as an authentication bypass issue, allows attackers to bypass standard security controls and establish unauthorized VPN connections, potentially granting them access…
RaccoonLine Publishes a Breakdown of 7 Structural Differences Between dVPNs and Traditional VPNs

Jun 1, 2026 7:42 PM

Tags: cyber, government, privacy, vpn

Rome, Italy, June 1st, 2026, CyberNewswire With VPN providers facing increasing legal pressure from governments across multiple jurisdictions in 2026, RaccoonLine today published a technical breakdown of the seven structural differences between decentralized and centralized VPN architecture, focusing specifically on which differences matter when privacy protection is most critical. For most users, the practical difference…
Patch Now: Another Palo Alto Auth Bypass Bug Under Active Exploit

Jun 1, 2026 5:42 PM

Tags: attack, exploit, update, vpn, vulnerability

Exploiting the PAN-OS GlobalProtect VPN vulnerability requires certain conditions, but adversaries have done so in two attack waves that started in mid-May. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/patch-palo-alto-auth-bypass-bug-exploit
Hackers are exploiting Palo Alto GlobalProtect VPN authentication bypass (CVE-2026-0257)

Jun 1, 2026 12:42 PM

Tags: authentication, exploit, firewall, hacker, network, vpn, vulnerability

Authentication bypass vulnerabilities (CVE-2026-0257) in Palo Alto Networks’ firewalls that the company disclosed on May 13 have been targeted in >>limited exploit … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/06/01/hackers-are-exploiting-palo-alto-globalprotect-vpn-authentication-bypass-cve-2026-0257/
CVE-2026-0257: Rapid7 Caught Attackers Abusing Forged VPN Cookies Against Multiple Customers

May 31, 2026 8:42 PM

Tags: cve, cybersecurity, exploit, flaw, network, vpn, vulnerability

CVE-2026-0257 lets attackers forge Palo Alto GlobalProtect auth cookies and bypass VPN login. Exploitation confirmed since May 17. Palo Alto Networks addressed the vulnerability CVE-2026-0257 on May 13. Two weeks later, cybersecurity firm Rapid7 confirmed active exploitation across multiple customer environments. The flaw impacts the GlobalProtect portal and gateway components of Palo Alto Networks PAN-OS…
Palo Alto GlobalProtect VPN auth bypass flaw now exploited in attacks

May 30, 2026 8:42 PM

Tags: attack, authentication, breach, corporate, cve, exploit, flaw, hacker, network, vpn

Palo Alto Networks is warning that hackers are now exploiting a PAN-OS GlobalProtect authentication bypass flaw, tracked as CVE-2026-0257, in attacks attempting to breach corporate networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/palo-alto-globalprotect-vpn-auth-bypass-flaw-now-exploited-in-attacks/
‘First VPN’ service used by cybercriminals dismantled in international operation

May 23, 2026 6:00 AM

Tags: cybercrime, international, service, vpn

First seen on scworld.com Jump to article: www.scworld.com/brief/first-vpn-service-used-by-cybercriminals-dismantled-in-international-operation
Attackers exploit SonicWall VPN vulnerability to bypass MFA

May 23, 2026 6:00 AM

Tags: exploit, mfa, vpn, vulnerability

First seen on scworld.com Jump to article: www.scworld.com/brief/attackers-exploit-sonicwall-vpn-vulnerability-to-bypass-mfa
Police boast of hacking VPN where criminals believed themselves to be safe

May 22, 2026 10:00 PM

Tags: hacking, law, vpn

Law enforcement intercepted VPN traffic, seized domains, and arrested its operator. First seen on arstechnica.com Jump to article: arstechnica.com/tech-policy/2026/05/police-boast-of-hacking-vpn-where-criminals-believed-themselves-to-be-safe/
First VPN Dismantled in Global Takedown Over Use by 25 Ransomware Groups

May 22, 2026 9:00 PM

Tags: attack, data, group, network, ransomware, service, theft, usa, vpn

Authorities in Europe and North America have announced the dismantling of a criminal virtual private network (VPN) service used by criminal actors to obscure the origins of ransomware attacks, data theft, scanning, and denial-of-service attacks.The disruption of First VPN Service was led by France and the Netherlands, with several other nations supporting the investigation since…
Operation Saffron Europol zerschlägt kriminellen VPN-Dienst ‘First VPN”

May 22, 2026 4:00 PM

Tags: cyberattack, infrastructure, ransomware, vpn

VPN-Dienste gelten für viele Nutzer als Synonym für Datenschutz und Anonymität. Doch dieselbe Infrastruktur wird zunehmend auch von Cyberkriminellen genutzt, um Angriffe zu verschleiern, Ransomware-Kampagnen zu koordinieren und Ermittlungen zu umgehen. Mit der internationalen Operation ‘Saffron” haben Strafverfolger nun erstmals gezielt einen solchen kriminellen VPN-Dienst zerschlagen. Unterstützt wurde die Aktion unter anderem von Bitdefender. Die…
China’s Webworm Uses Discord, Microsoft Graphs to Hack EU Governments

May 22, 2026 4:00 PM

Tags: china, government, group, microsoft, threat, tool, vpn

The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/chinas-webworm-discord-microsoft-graphs
Russian Hackers Exploit RDP, VPNs, Supply Chains for Initial Access

May 22, 2026 3:00 PM

Tags: access, cyber, defense, exploit, government, group, hacker, infrastructure, network, russia, social-engineering, supply-chain, threat, vpn

Russian state-sponsored and aligned threat groups are increasingly combining Remote Desktop Protocol (RDP), Virtual Private Networks (VPNs), supply chain compromise, and sophisticated social engineering to gain initial access to targeted networks across government, critical infrastructure, and commercial sectors. This multi-vector approach allows them to bypass perimeter defenses, blend in with legitimate traffic, and maintain long-term…
Versteck für Hacker: Behörden zerschlagen VPN-Dienst und identifizieren Nutzer

May 22, 2026 1:00 PM

Tags: hacker, vpn

First VPN ist bei Cyberkriminellen wohl ziemlich beliebt gewesen. Doch das ist jetzt vorbei: Strafverfolger gelangten an Server und Nutzerdaten. First seen on golem.de Jump to article: www.golem.de/news/nutzer-identifiziert-behoerden-zerschlagen-fuer-cybercrime-genutzten-vpn-dienst-2605-208960.html
Nutzer identifiziert: Behörden zerschlagen für Cybercrime genutzten VPN-Dienst

May 22, 2026 12:00 PM

Tags: cybercrime, vpn

First VPN ist bei Cyberkriminellen wohl ziemlich beliebt gewesen. Doch das ist jetzt vorbei: Strafverfolger gelangten an Server und Nutzerdaten. First seen on golem.de Jump to article: www.golem.de/news/nutzer-identifiziert-behoerden-zerschlagen-fuer-cybercrime-genutzten-vpn-dienst-2605-208960.html
China’s Webworm Uses Discord, Microsoft Graphs to Hack EU Govts.

May 22, 2026 10:00 AM

Tags: china, group, microsoft, threat, tool, vpn

The advanced persistent threat group also relied on SOCKS proxies like SoftEther VPN, tunneling tools that act as a middleman between victim and attacker. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/chinas-webworm-discord-microsoft-graphs
Authorities Take Down “First VPN” Service Used in Ransomware Attacks

May 22, 2026 8:00 AM

Tags: attack, cyber, cybercrime, group, infrastructure, ransomware, service, vpn

Authorities in Europe have dismantled a major criminal VPN service known as “First VPN,” which was widely used by ransomware operators and cybercriminal groups to conceal their activities. The coordinated operation, led by French and Dutch authorities with support from Eurojust and Europol, marks a significant disruption to cybercrime infrastructure across multiple countries. Criminal VPN…
Law enforcement shuts down VPN service used by two dozen ransomware gangs

May 21, 2026 10:00 PM

Tags: hacker, law, ransomware, service, vpn

First VPN promised hackers complete anonymity for their cyberattacks. But Europol said it was able to notify the service’s users that they have now been identified. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/21/law-enforcement-shuts-down-vpn-service-used-by-two-dozen-ransomware-gangs/
Police op targets VPN service favoured by ransomware gangs

May 21, 2026 10:00 PM

Tags: cyber, ransomware, service, vpn

A multinational police operation has taken down the infamous First VPN service that provided cover for cyber criminal gangs and ransomware operators. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643536/Police-op-targets-VPN-service-favoured-by-ransomware-gangs
Global law enforcement operation takes First VPN offline

May 21, 2026 9:00 PM

Tags: cybercrime, data, data-breach, infrastructure, international, law, ransomware, service, vpn

Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft. A major international law enforcement operation has taken First VPN offline, a service that had become a quiet staple for ransomware crews, data thieves, and other cybercriminals trying to hide in plain sight. >>The coordinated…
European authorities take down prolific cybercrime VPN service

May 21, 2026 7:00 PM

Tags: cybercrime, service, vpn

Officials arrested the alleged administrator of First VPN, seized its servers and domains. Europol said the service appeared in almost every major recent cybercrime investigation. First seen on cyberscoop.com Jump to article: cyberscoop.com/europol-take-down-first-vpn-cybercrime/
Attackers are bypassing MFA on SonicWall VPNs because something was wrong with previous fix

May 21, 2026 6:00 PM

Tags: mfa, update, vpn

Attackers bypassed MFA on patched SonicWall Gen6 VPNs because admins missed extra manual steps required to fully fix the flaw. There is a particular kind of security failure that is harder to catch than an unpatched system: a patched system where the patch did not actually work because nobody followed all the steps. That is…
Cybercriminal VPN Dismantled in Europol Crackdown

May 21, 2026 6:00 PM

Tags: cybercrime, ransomware, service, vpn

First VPN, a service used by ransomware actors and fraudsters, was dismantled by Europol First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/first-vpn-takedown-europol/
Authorities dismantle First VPN, used by ransomware actors

May 21, 2026 5:00 PM

Tags: cybercrime, network, ransomware, service, vpn

First VPN, a virtual private network service marketed to cybercriminals, promising anonymity for its users, was taken offline on May 19 and 20 as part of Operation Saffron. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/21/operation-saffron-first-vpn-takedown/