vpn

Spain Orders NordVPN, ProtonVPN to Block LaLiga Piracy Sites

Spain's court orders NordVPN and ProtonVPN to block 16 piracy websites related to LaLiga, granting measures without hearings. LaLiga cites VPNs as facilitating illegal streaming. ProtonVPN claims lack of proper notice, while NordVPN states it's not aware of legal proceedings. Both argue that blocking VPNs won't effectively combat piracy.

https://www.bleepingcomputer.com/news/legal/spain-orders-nordvpn-protonvpn-to-block-laliga-piracy-sites/

8 Million Users’ AI Conversations Sold for Profit by “Privacy” Extensions

TLDR: Over 8 million users' AI conversations have been harvested and sold for profit by the Urban VPN Proxy extension, which secretly captures data from platforms like ChatGPT and Claude. Despite claiming privacy, the extension transmits sensitive information to servers without user consent. It has passed Google’s reviews, misleading users about its data practices. Users are advised to uninstall it immediately to protect their private conversations.

https://www.koi.ai/blog/urban-vpn-browser-extension-ai-conversations-data-collection

Should You Trust Your VPN Location?

Extreme TLDR: Analysis of 20 VPNs revealed 17 falsely claim exit locations; many are routed through different countries. 38 countries were only virtual, with data showing actual locations often thousands of kilometers away. Only 3 providers matched their claimed locations perfectly. Relying on self-reported data leads to significant inaccuracies. Users should treat “100+ countries” claims with skepticism and verify provider transparency regarding virtual versus physical server locations.

https://ipinfo.io/blog/vpn-location-mismatch-report

New Wave of VPN Login Attempts Targets Palo Alto GlobalProtect Portals

New attacks targeting Palo Alto GlobalProtect VPN portals began on December 2, involving 7,000 IPs from German company 3xK GmbH. Initial brute-force attempts on GlobalProtect led to scanning SonicWall API endpoints. GreyNoise reports the attacker used previous fingerprints, generating millions of HTTP sessions. Both activities are attributed to the same actor, posing credential-based threats but not exploiting software vulnerabilities. Palo Alto recommends enforcing Multi-Factor Authentication (MFA) for protection.

https://www.bleepingcomputer.com/news/security/new-wave-of-vpn-login-attempts-targets-palo-alto-globalprotect-portals/

The VPN Panic Is Only Getting Started

UK government considers restricting children's use of VPNs due to their effectiveness in bypassing age verification from the Online Safety Act, which mandates strict age checks for accessing certain online content. Following the Act's implementation, VPN usage surged significantly, with calls from officials to address this loophole. Discussions on potential methods to limit VPNs are ongoing, but suggestions of a full ban are complicated by the legitimate reasons for VPN use in privacy and security. Alternatives, like restricting VPN promotion to children, are likely under consideration. As other countries follow suit with similar restrictions, the debate on VPN regulation is expected to intensify.

https://www.theverge.com/tech/827435/uk-vpn-restrictions-ban-online-safety-act

Lawmakers Want to Ban VPNs—And They Have No Idea What They’re Doing

Lawmakers in Wisconsin and Michigan are attempting to ban Virtual Private Networks (VPNs) to enforce age verification, arguing it will protect children online. The bills propose that websites must block VPN users, which experts argue is technically infeasible and harmful to various user groups including businesses, students, and vulnerable populations seeking safety. The broad definition of “harmful to minors” in these laws could censor a wide range of expression and essential information. Critics emphasize that banning VPNs undermines privacy, creates data security risks, and fails to address the real issues affecting online safety. Overall, they urge lawmakers to reconsider such measures, which threaten digital freedom and privacy rights.

https://www.eff.org/deeplinks/2025/11/lawmakers-want-ban-vpns-and-they-have-no-idea-what-theyre-doing

Remote Access Infra Remains Riskiest Corp. Attack Surface

Remote access infrastructure poses significant risks for corporations, with exposed login panels for VPNs and remote access systems increasing vulnerability to ransomware attacks. Analysis shows many companies have poorly secured login credentials, often leading to data breaches and making it harder to obtain cyber insurance. Recommendations for securing remote access include keeping network equipment updated, implementing strong multifactor authentication (MFA), and adopting a zero-trust security model.

https://www.darkreading.com/cyber-risk/remote-access-infra-remains-riskiest-corp-attack-surface

Scroll to Top