Safeguard
Tag

vpn

Safeguard articles tagged "vpn" — guides, analysis, and best practices for software supply chain and application security.

13 articles

Vulnerability Analysis

Ivanti Connect Secure CVE-2024-21887 Explained: Command Injection in a Two-Bug Chain

CVE-2024-21887 is a command injection in Ivanti Connect Secure that, chained with the auth bypass CVE-2023-46805, gave attackers unauthenticated RCE. Here is the timeline, root cause, and patched versions.

Jul 8, 20266 min read
Vulnerabilities

Edge Appliances Are the Soft Underbelly: VPN Zero-Days as Initial Access in 2026

Check Point's CVE-2026-50751 and Cisco's seventh SD-WAN zero-day of the year are not isolated bugs — they are the same story. Here is why VPN and edge appliances keep becoming the front door for ransomware, and how to monitor and segment them.

Jun 17, 20267 min read
Vulnerabilities

Check Point VPN Zero-Day CVE-2026-50751: Auth Bypass Under Active Exploitation

Check Point's CVE-2026-50751 lets an attacker dictate how hard the gateway checks them — and walk in without a password. It is rated CVSS 9.3, exploited since early May 2026, and already tied to a Qilin ransomware affiliate.

Jun 9, 20266 min read
Vulnerability Analysis

Palo Alto PAN-OS CVE-2026-0265: CAS Signature-Verification Auth Bypass (May 2026)

Palo Alto disclosed CVE-2026-0265 on May 13, 2026, a cryptographic-signature-verification flaw in Cloud Authentication Service that bypasses PAN-OS authentication. Researchers claim live GlobalProtect portal bypasses. Full analysis.

May 15, 202612 min read
Vulnerability Analysis

Citrix Bleed 2 Implications: What CVE-2024-6235 Means for NetScaler Operators

CVE-2024-6235 was the followup to the original Citrix Bleed and exposed sensitive data from NetScaler ADC and Gateway appliances. The technical details and what changes.

Mar 29, 20265 min read
Threat Intelligence

Akira Ransomware VPN Appliance Exploitation

Akira has industrialized VPN appliance exploitation. Here is the tradecraft, the advisories that document it, and what defenders must do about edge software supply chain risk.

Mar 7, 20267 min read
Best Practices

What is a VPN

A plain-English breakdown of what a VPN is, how it encrypts traffic, and why VPN gateways have become one of the most exploited attack surfaces in enterprise networks.

Feb 17, 20267 min read
Vulnerability Response

CVE-2025-20333 in Cisco ASA: Patch Posture & SBOM Response

Cisco Secure Firewall ASA/FTD buffer overflow scored CVSS 9.9 and was added to CISA KEV the day Cisco published the advisory. Here is the defender playbook.

Oct 2, 20256 min read
Ransomware

Fog Ransomware: Why the Education Sector Keeps Getting Hit

Fog ransomware has carved a niche targeting schools and universities, exploiting chronic underfunding and SonicWall VPN vulnerabilities to devastating effect.

Jan 14, 20256 min read
Ransomware

Akira Ransomware: Exploiting VPN Vulnerabilities for Supply Chain Entry

Akira ransomware systematically exploited Cisco VPN vulnerabilities as its primary entry vector, targeting organizations through the network infrastructure they trusted most.

Jan 12, 20247 min read
Network Security

WireGuard for Development Infrastructure: Fast, Simple, and Secure Tunneling

WireGuard's simplicity and performance make it well-suited for securing development infrastructure. Here is how to deploy it for build servers, artifact repositories, and developer access.

Jun 5, 20235 min read
Network Security

VPN Security for Remote Development Teams: Beyond the Basics

Remote development teams depend on VPNs, but misconfigured VPNs create supply chain risks. Split tunneling, credential management, and endpoint security all affect build pipeline integrity.

Feb 5, 20235 min read
vpn — Safeguard Blog