ExpressVPN Windows Client Vulnerability Exposes Users' Real IP Addresses With RDP Connection

The flaw, discovered through the company’s bug bounty program, affected specific versions of the Windows client and allowed TCP traffic over port 3389 to bypass the VPN tunnel, potentially revealing users’ actual network locations to internet service providers and network observers. This code caused a critical routing failure where traffic using TCP port 3389, the standard port for Remote Desktop Protocol connections, would not be properly tunneled through the VPN infrastructure as intended. This type of exposure defeats the primary purpose of VPN protection, which is to mask users’ real network locations and maintain anonymity.

Security researcher Adam-X responsibly disclosed the vulnerability to ExpressVPN through their bug bounty platform. Users are strongly advised to update to the latest version of the ExpressVPN Windows application to ensure they benefit from these security enhancements and maintain optimal privacy protection during their VPN sessions.

Kaaviya is a Security Editor and fellow reporter with Cyber Security News.

This Cyber News was published on cybersecuritynews.com. Publication date: Tue, 22 Jul 2025 10:35:12 +0000
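
One way to check a Windows machine for the port-specific bypass described above is shown here as an added example; it is not code from ExpressVPN or from the original article. It assumes that traffic leaving outside the tunnel is sourced from an address that does not belong to the VPN adapter, and `Test-RdpTunnelBypass` and the adapter name `VPN-ADAPTER-NAME` are hypothetical placeholders.

```powershell
# Added example: lists TCP connections to port 3389 whose local (source)
# address is not assigned to the VPN adapter. $VpnAlias is an assumption:
# set it to the tunnel adapter's name as shown by Get-NetAdapter.
function Test-RdpTunnelBypass {
    param(
        [Parameter(Mandatory)] [string] $VpnAlias,
        [int] $Port = 3389
    )

    # Addresses currently assigned to the VPN adapter (IPv4 and IPv6).
    # Fails loudly if the adapter name is wrong or the VPN is disconnected.
    $vpnAddresses = @(Get-NetIPAddress -InterfaceAlias $VpnAlias -ErrorAction Stop |
        Select-Object -ExpandProperty IPAddress)

    # Established or in-progress connections to the RDP port, skipping loopback.
    $connections = @(Get-NetTCPConnection -RemotePort $Port -State Established, SynSent `
            -ErrorAction SilentlyContinue |
        Where-Object { $_.RemoteAddress -notin '127.0.0.1', '::1' })

    foreach ($c in $connections) {
        # Map the connection's source address back to the adapter that owns it.
        $owner = Get-NetIPAddress -IPAddress $c.LocalAddress -ErrorAction SilentlyContinue |
            Select-Object -First 1
        $proc = Get-Process -Id $c.OwningProcess -ErrorAction SilentlyContinue

        [pscustomobject]@{
            RemoteAddress = $c.RemoteAddress
            LocalAddress  = $c.LocalAddress
            Interface     = $owner.InterfaceAlias
            Process       = $proc.ProcessName
            OutsideTunnel = $c.LocalAddress -notin $vpnAddresses
        }
    }
}

# Run while the VPN is connected and a TCP/3389 connection is open.
Test-RdpTunnelBypass -VpnAlias 'VPN-ADAPTER-NAME' |
    Where-Object OutsideTunnel |
    Format-Table -AutoSize
```

Connections to hosts on the local network may be excluded from the tunnel by design, so rows with a private-range `RemoteAddress` need to be read against the client's local-network setting. A packet capture on the physical adapter remains the authoritative confirmation.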

