How private is your VPN?

When you're shopping around for a Virtual Private Network VPN you'll find yourself in a sea of promises like "military-grade encryption!" and "total anonymity!" You can’t scroll two inches without someone waving around these fancy terms. But not all VPNs can be trusted. Some VPNs genuinely protec...

Improper Authentication

github.com/spectolabs/hoverfly is vulnerable to Improper Authentication. The vulnerability is due to the admin WebSocket endpoint /api/v2/ws/logs not being protected by the same authentication middleware as the REST admin API, which allows an unauthenticated remote attacker to access and stream...

BIT-GITLAB-2025-1198 Insufficient Session Expiration in GitLab

An issue discovered in GitLab CE/EE affecting all versions from 16.11 prior to 17.6.5, 17.7 prior to 17.7.4, and 17.8 prior to 17.8.2 meant that long-lived connections in ActionCable potentially allowed revoked Personal Access Tokens access to streaming results...

5 common VPN myths busted

Virtual Private Networks VPNs are popular but often misunderstood. There are many misconceptions about them—misconceptions that may be stopping people from adding a useful layer to their security and privacy defenses. So, let’s do some myth busting. 1. VPNs are for illegal activity Some people...