All CosmicBytez Labs articles tagged #VPN, across news, security advisories, how-to guides, and projects.
SonicWall has issued an urgent advisory warning of two zero-day vulnerabilities in its SMA1000 appliances — CVE-2026-15409 and CVE-2026-15410 — that can be chained for unauthenticated remote code execution. Patches are available now.
Six weeks of undetected access through a compromised VPN appliance exposes a hard truth: patching is necessary but not sufficient. Organisations already...
A data leak dubbed FortiBleed has exposed configuration files and VPN credentials for 73,932 Fortinet firewall URLs, putting organizations worldwide at...
Palo Alto Networks has confirmed active exploitation of CVE-2026-0257, an authentication bypass vulnerability in PAN-OS GlobalProtect portals carrying a...
This week's security roundup covers an actively exploited Chrome zero-day, attackers abusing UniFi network controllers, fresh macOS infostealer campaigns,...
A critical zero-day vulnerability in Check Point's VPN products has been under active exploitation since at least early May 2026, with a Qilin ransomware...
CISA ordered federal agencies to patch a critical Check Point Remote Access VPN flaw within 3 days after Qilin ransomware affiliates were confirmed...
The FBI and international partners have disrupted First VPN, a criminal VPN service used by dozens of ransomware groups for network reconnaissance and...
International authorities have disrupted a criminal VPN service called First VPN that was used by more than 25 ransomware groups to conceal network...
European law enforcement has taken down First VPN, a privacy service that had been openly advertised on Russian-language cybercrime forums as a tool for...
International law enforcement has dismantled 'First VPN,' a criminal VPN service marketed on Russian-speaking cybercrime forums and used to facilitate...
Threat actors brute-forced credentials and bypassed multi-factor authentication on SonicWall Gen6 SSL-VPN appliances to deploy ransomware tools,...
Build a self-hosted WireGuard VPN server on Ubuntu for secure remote access — with NAT masquerading, DNS leak protection, QR-code client provisioning, and...
Systematic audit checklist for network infrastructure security — firewall rules, segmentation, VPN configuration, DNS security, wireless security, and...
A critical unauthenticated remote code execution vulnerability in Palo Alto Networks PAN-OS GlobalProtect gateway allows complete firewall takeover. CVSS 9.8.
Configure IPsec site-to-site VPN between FortiGate firewall and Azure VPN Gateway. Covers IKE configuration, routing, BGP, and high availability.
Configure FortiGate SSL VPN for secure remote user access. Covers portal setup, user authentication, firewall policies, and FortiClient configuration.
Security researchers have identified a severe authentication bypass vulnerability affecting multiple enterprise VPN products. Immediate patching recommended.
Deploy a hardened WireGuard VPN server on Linux — key generation, server and client config, firewall rules, and security best practices for production use.
CISA has issued an emergency directive requiring federal agencies to mitigate Ivanti Connect Secure vulnerabilities within 48 hours as active exploitation...