vpn
Safeguard articles tagged "vpn" — guides, analysis, and best practices for software supply chain and application security.
13 articles
Ivanti Connect Secure CVE-2024-21887 Explained: Command Injection in a Two-Bug Chain
CVE-2024-21887 is a command injection in Ivanti Connect Secure that, chained with the auth bypass CVE-2023-46805, gave attackers unauthenticated RCE. Here is the timeline, root cause, and patched versions.
Edge Appliances Are the Soft Underbelly: VPN Zero-Days as Initial Access in 2026
Check Point's CVE-2026-50751 and Cisco's seventh SD-WAN zero-day of the year are not isolated bugs — they are the same story. Here is why VPN and edge appliances keep becoming the front door for ransomware, and how to monitor and segment them.
Check Point VPN Zero-Day CVE-2026-50751: Auth Bypass Under Active Exploitation
Check Point's CVE-2026-50751 lets an attacker dictate how hard the gateway checks them — and walk in without a password. It is rated CVSS 9.3, exploited since early May 2026, and already tied to a Qilin ransomware affiliate.
Palo Alto PAN-OS CVE-2026-0265: CAS Signature-Verification Auth Bypass (May 2026)
Palo Alto disclosed CVE-2026-0265 on May 13, 2026, a cryptographic-signature-verification flaw in Cloud Authentication Service that bypasses PAN-OS authentication. Researchers claim live GlobalProtect portal bypasses. Full analysis.
Citrix Bleed 2 Implications: What CVE-2024-6235 Means for NetScaler Operators
CVE-2024-6235 was the followup to the original Citrix Bleed and exposed sensitive data from NetScaler ADC and Gateway appliances. The technical details and what changes.
Akira Ransomware VPN Appliance Exploitation
Akira has industrialized VPN appliance exploitation. Here is the tradecraft, the advisories that document it, and what defenders must do about edge software supply chain risk.
What is a VPN
A plain-English breakdown of what a VPN is, how it encrypts traffic, and why VPN gateways have become one of the most exploited attack surfaces in enterprise networks.
CVE-2025-20333 in Cisco ASA: Patch Posture & SBOM Response
Cisco Secure Firewall ASA/FTD buffer overflow scored CVSS 9.9 and was added to CISA KEV the day Cisco published the advisory. Here is the defender playbook.
Fog Ransomware: Why the Education Sector Keeps Getting Hit
Fog ransomware has carved a niche targeting schools and universities, exploiting chronic underfunding and SonicWall VPN vulnerabilities to devastating effect.
Akira Ransomware: Exploiting VPN Vulnerabilities for Supply Chain Entry
Akira ransomware systematically exploited Cisco VPN vulnerabilities as its primary entry vector, targeting organizations through the network infrastructure they trusted most.
WireGuard for Development Infrastructure: Fast, Simple, and Secure Tunneling
WireGuard's simplicity and performance make it well-suited for securing development infrastructure. Here is how to deploy it for build servers, artifact repositories, and developer access.
VPN Security for Remote Development Teams: Beyond the Basics
Remote development teams depend on VPNs, but misconfigured VPNs create supply chain risks. Split tunneling, credential management, and endpoint security all affect build pipeline integrity.