Ars Technica

Code-execution bug in Pulse Secure VPN threatens patch laggards everywhere

Organizations that have yet to install the latest version of the Pulse Secure VPN have a good reason to stop dithering—a code-execution vulnerability that allows attackers to take control of networks ...
Bleeping Computer

Pulse Secure fixes VPN zero-day used to hack high-value targets

Pulse Secure has fixed a zero-day vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance that is being actively exploited to compromise the internal networks of defense firms and govt ...
Bleeping Computer

Pulse Secure VPN zero-day used to hack defense firms, govt orgs

Pulse Secure has shared mitigation measures for a zero-day authentication bypass vulnerability in the Pulse Connect Secure (PCS) SSL VPN appliance actively exploited in attacks against worldwide ...
Wired

VPN Hacks Are a Slow-Motion Disaster

This year has seen no shortage of blockbuster hacks, from the SolarWinds supply chain meltdown to China’s blitz against Microsoft Exchange servers. It’s a lot. But the outsized focus on those hacking ...