Free VPN Apps Pose Major Security Risks, Study Finds

A comprehensive study of 800 free mobile VPN apps has uncovered widespread security and privacy risks, revealing that many fail to protect user data. Researchers found numerous applications leaking personal information, using outdated code vulnerable to major exploits like the Heartbleed bug, and susceptible to man-in-the-middle attacks. Many of these apps also request excessive and dangerous permissions, such as constant location tracking or access to system logs, far beyond their core function. Furthermore, a significant number of the apps lack transparency, failing to properly disclose their data handling practices to users. For organizations with bring-your-own-device policies, these flawed VPNs represent a critical weak link that can expose sensitive enterprise data.

Latest mentioned: 10-07

Earliest mentioned: 10-04

Sources

hackread.com zimperium.com

Also Read

Gunra Ransomware Targets Windows and Linux Systems

Gunra ransomware, active since April 2025, poses a significant threat with its dual-platform capability, targeting both Windows and Linux systems. The Windows variant uses ChaCha8 encryption and secure random number generation, making decryption impractical. In contrast, the Linux variant employs ChaCha20 encryption but suffers from a cryptographic flaw due to weak random number generation, allowing potential file recovery through brute-force attacks. Organizations must develop platform-specific threat intelligence and incident response strategies to mitigate risks effectively.

10-29Read more →