Bleeping Computer

New NachoVPN attack uses rogue VPN servers to install malicious updates

A set of vulnerabilities dubbed "NachoVPN" allows rogue VPN servers to install malicious updates when unpatched Palo Alto and SonicWall SSL-VPN clients connect to them. AmberWolf security researchers ...
heise online

Sonicwall Netextender: Security leaks jeopardize Windows client

There are security gaps in the VPN software Netextender that could allow attackers to extend their rights, for example. Manufacturer Sonicwall is currently issuing a warning about this. Sonicwall ...
Bleeping Computer

SonicWall warns of trojanized NetExtender stealing VPN logins

SonicWall is warning customers that threat actors are distributing a trojanized version of its NetExtender SSL VPN client used to steal VPN credentials. The fake software, which was discovered by ...
Hosted on MSN

Rogue VPN servers used to spread malware via malicious updates

Researchers from AmberWolf find two flaws in popular VPN products Flaws can be abused to get the VPNs to connect to malicious servers The servers can use the connection to steal login credentials, ...
Hosted on MSN

SonicWall warns of fake VPN apps stealing user logins and putting businesses at risk - here's what we know

SonicWall is warning hackers are distributing malicious VPN software NetExtender is being modified and distributed through fake websites The malicious software steals credentials and VPN ...