Researchers have named a new VPN attack, TunnelVision, that forces VPN apps to send and receive some or all traffic outside of the encrypted tunnel designed to protect it from snooping. The attack was found to affect all VPN applications when connected to a hostile network. According to the researchers, Linux and Android users remain protected, however, no ways to prevent such an attack have been found for other users.
Critical Apache HTTP Server Flaw Exposes Millions of Servers to RCE Attacks
The Apache Software Foundation has released a critical security update for Apache HTTP Server, patching five vulnerabilities, including a dangerous double-free flaw capable of enabling
