VPN Report | Independent analysis of VPN technology, privacy, and internet security

DPRK Hackers Use GitHub as C2 in South Korea Attacks

From below of long thin blue cables connected to row of small white connectors on system block in data center

Fortinet says DPRK-linked attackers used GitHub as C2 in multi-stage attacks on South Korea, starting with LNK files and a decoy PDF.

VPN Report
April 6, 2026

Password-Spraying Wave Targets Israeli Microsoft 365

A person in a hoodie using a laptop in a dark setting, conveying mystery and technology themes.

A suspected Iran-linked campaign used password spraying against Microsoft 365 tenants in Israel and the UAE across three March 2026 waves.

VPN Report
April 6, 2026

Qilin and Warlock Blind EDR With Vulnerable Drivers

Qilin and Warlock ransomware groups used vulnerable drivers to disable more than 300 EDR tools. Here’s the timeline, technique, and defense angle.

VPN Report
April 6, 2026

LiteLLM Attack Put Dev Machines at Risk

Close-up of a person coding on a laptop, showcasing web development and programming concepts.

LiteLLM’s supply chain attack showed how developer workstations can store reusable secrets, putting cloud access and AI tooling at risk.

VPN Report
April 6, 2026

Weekly Recap: Chrome 0-Day and Active Exploits

Close-up of a smartphone displaying a bank alert notification on a wooden table.

This week’s security recap covers Axios tampering, a Chrome zero-day, Fortinet exploitation, and spyware activity that raised the pressure on defenders.

VPN Report
April 6, 2026