Hackers have been using compromised VPN servers to steal sensitive information from connected VPN clients, security researchers warn.
Researchers from AmberWolf discovered flaws in SonicWall NetExtender and Palo Alto Networks GlobalProtect VPN clients that allowed criminals to trick people into connecting to malicious servers.
The vulnerabilities, named NachoVPN, enabled attackers to steal login credentials, install malware through software updates, and perform other malicious actions.
AmberWolf reported the vulnerabilities to the respective organizations and shared an open-source tool, also called NachoVPN, to simulate the attack.