CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

CVE-2026-0248 Prisma Access Agent: Improper Certificate Validation Vulnerability

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

PT-2026-40772

An improper certificate validation vulnerability in the Prisma Access Agent® for Android and Chrome OS enables an attacker to perform a man-in-the-middle MitM attack to intercept VPN traffic. By presenting a certificate for any domain issued by a trusted Certificate Authority, the attacker can...

Vulnerabilities fixed in Synology SSL VPN Client

Synology has fixed vulnerabilities in Synology SSL VPN Client. A malicious party can exploit these vulnerabilities because Synology SSL VPN Client with version before 1.4.5-0684 stores PINs insecurely and does not adequately shield files via a local HTTP server component. This can lead to...

CVE-2021-4477

CVE-2021-4477 affects Hirschmann HiLCOS OpenBAT and BAT450 products. It is a firewall bypass vulnerability in IPv6 IPsec deployments that lets traffic from VPN connections bypass configured firewall rules. Exploitation involves establishing IPv6 IPsec connections (IKEv1 or IKEv2) while using an I...

MiracleLinux 8 : NetworkManager-1.40.16-18.el8_10.ML.1 (AXSA:2025-9552:02)

The remote MiracleLinux 8 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2025-9552:02 advisory. Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routi...

EUVD-2012-4956

Malware in sbrugna...

EUVD-2021-10103

Malware in sbrugna...

EUVD-2024-32236

Malicious code in bioql PyPI...

VPN use rises following Online Safety Act’s age verification controls

As the UK's Online Safety Act came into effect on Friday—along with its age verification controls—the use of virtual private network VPN services has skyrocketed by up to 20-fold across the region. Top10VPN, which monitors VPN traffic around the world, spotted UK VPN traffic spiking 1,327% on Jul...

TencentOS Server 3: Bug fix of NetworkManager (Moderate) (TSSA-2025:0044)

The version of Tencent Linux installed on the remote TencentOS Server 3 host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the TSSA-2025:0044 advisory. Package updates are available for TencentOS Server 3 that fix the following vulnerabilities:...

CVE-2024-8474

OpenVPN Connect before version 3.5.0 can contain the configuration profile's clear-text private key which is logged in the application log, which an unauthorized actor can use to decrypt the VPN traffic...

CVE-2021-22985

On BIG-IP APM version 16.0.x before 16.0.1.1, under certain conditions, when processing VPN traffic with APM, TMM consumes excessive memory. A malicious, authenticated VPN user may abuse this to perform a DoS attack against the APM. Note: Software versions which have reached End of Software...

RLSA-2025:0288 Moderate: Bug fix of NetworkManager

Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored in routing table that is specified by ipv4.route-table JIRA:Rocky Linux-73051 VPN connections do not support ipv4.routing-rules settings JIRA:Rocky...

A week in security (March 31 – April 6)

Last week on Malwarebytes Labs: Why we’re no longer doing April Fools’ Day Intimate images from kink and LGBTQ+ dating apps left exposed online "Urgent reminder" tax scam wants to phish your Microsoft credentials "Nudify" deepfakes stored unprotected online Location, name, and photos of random ki...

Nutanix AOS : Multiple Vulnerabilities (NXSA-AOS-6.10.1.5)

The version of AOS installed on the remote host is prior to 6.10.1.5. It is, therefore, affected by multiple vulnerabilities as referenced in the NXSA-AOS-6.10.1.5 advisory. - virtualenv before 20.26.6 allows command injection through the activation scripts for a virtual environment. Magic templa...

Security and bug fixes for NetworkManager

An update is available for NetworkManager. This update affects Rocky Linux 9. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE list NetworkManager is a system network service that manages network device...

DHCP: DHCP routing options can manipulate interface-based VPN traffic

DHCP can add routes to a client’s routing table via the classless static route option 121. VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify...

RHEL 8 : Bug fix of NetworkManager (Moderate) (RHSA-2025:0288)

The remote Redhat Enterprise Linux 8 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2025:0288 advisory. Security and Bug Fixes: NetworkManager: DHCP routing options can manipulate interface-based VPN traffic CVE-2024-3661 Route to VPN server not stored ...

DHCP: DHCP routing options can manipulate interface-based VPN traffic

DHCP can add routes to a client’s routing table via the classless static route option 121. VPN-based security solutions that rely on routes to redirect traffic can be forced to leak traffic over the physical interface. An attacker on the same local network can read, disrupt, or possibly modify...