ExpressVPN Windows Client Vulnerability Exposes Users Real IP Addresses With RDP Connection

Threat Level

39% Cybersecurity News 16 hours ago Part of cluster #1300

A critical security vulnerability in ExpressVPN Windows desktop application that could expose users’ real IP addresses when using Remote Desktop Protocol (RDP) connections. The flaw, discovered through the company’s bug bounty program, affected specific versions of the Windows client and allowed TCP traffic over port 3389 to bypass the VPN tunnel, potentially revealing users’ actual […]...

Continue Reading on Original Site

Recommended Articles

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

SecurityWeek 9 hours ago

Microsoft says the Chinese threat actors Linen Typhoon, Violet Typhoon, and Storm-2603 have been exploiting the ToolShell zero-days....

Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day

TechCrunch 12 hours ago

The tech giants have evidence that Chinese hackers are exploiting the new bug, but warned "multiple actors" are also hacking into affected SharePoint systems....

Apple alerted Iranians to iPhone spyware attacks, say researchers

TechCrunch 5 hours ago

Researchers say Apple sent out threat notifications to several Iranians in recent months, saying their iPhones had been hacked. Iran is likely behind the attacks....

Proof of Concept for Microsoft Word RTF Font Table Heap Corruption (CVE-2023-21716) Released

FortiGuard Threat Signal 45 minutes ago

Threat Signal Report Proof of Concept for Microsoft Word RTF Font Table Heap Corruption (CVE-2023-21716) Released Description Update 3/14 - Coverage section updated with available IPS signature. Forti...

Lumma infostealer malware returns after law enforcement disruption

BleepingComputer 5 hours ago

Lumma infostealer malware returns after law enforcement disruption Bill Toulas July 22, 2025 05:34 PM 0 The Lumma infostealer malware operation is gradually resuming activities following a massive law...

Threat Intelligence

Ransomware 1

Desktop

Business Intelligence

Platforms 1

Windows

Information

Article ID: #4234
Published: 16 hours ago
Source: Cybersecurity News

Recommended Articles

Microsoft Says Chinese APTs Exploited ToolShell Zero-Days Weeks Before Patch

Google, Microsoft say Chinese hackers are exploiting SharePoint zero-day

Apple alerted Iranians to iPhone spyware attacks, say researchers

Proof of Concept for Microsoft Word RTF Font Table Heap Corruption (CVE-2023-21716) Released

Lumma infostealer malware returns after law enforcement disruption

Save to Folder

We use cookies

Cookie Settings

Essential Cookies

Analytics Cookies

Performance Cookies

Marketing Cookies