Vpn
Curated coverage and analysis in this editorial area.

US Sanctions First VPN Provider: Anonymity as Criminal Infrastructure
The Treasury Department sanctions First VPN Service and its Ukrainian administrator for supporting ransomware groups. It marks the fir…

FortiBleed: 75,000 Firewalls at Risk from Stolen Credentials, Not a Zero-Day
FortiBleed hits already-patched FortiGate devices: credentials stolen in prior incidents enable administrative access without exploiti…

FortiBleed Fuels INC and Lynx: One Operator Serving Two Ransomware Clients
SOCRadar has documented the link between FortiBleed and the INC and Lynx ransomware groups. A single operator accessed the negotiation…

FortiBleed: 74,000 Fortinet Credentials Exposed, CISA Orders Immediate Action
CISA mandates immediate hardening for roughly 74,000 Fortinet devices after the FortiBleed credential leak. Valid credentials are circ…

CVE-2026-50751: Check Point VPN Zero-Day Exploited by Qilin Affiliate; Patch Released June 8
A Qilin ransomware affiliate exploited a critical zero-day in Check Point VPN’s IKEv1 protocol for over a month. The flaw (CVSS 9.3) a…

CVE-2026-0257: Active Exploitation Confirmed for GlobalProtect Authentication Bypass
Palo Alto Networks has confirmed active exploitation of CVE-2026-0257 affecting PAN-OS GlobalProtect. CISA has added the vulnerability…

F-Secure Leverages Android Accessibility for Scam Defense: A High-Privilege Trade-off
F-Secure Internet Security for Android utilizes Accessibility Services permissions to monitor URLs in Chrome and block phishing, highl…

Operation Saffron Dismantles First VPN, Exposing 25 Ransomware Groups
Operation Saffron has dismantled First VPN, a cornerstone anonymization service used by at least 25 ransomware groups since 2014. The…

First VPN Seized: 'No-Log' Service Revealed as Law Enforcement Trap for Cybercriminals
Europol and Dutch police have dismantled First VPN, a specialized infrastructure hub for ransomware and data theft. The operation seiz…