Security News > 2020 > April > Google removes Android VPN with ‘critical vulnerability’ from Play Store
Google has removed an Android VPN program from the Google Play store after researchers notified it of a critical vulnerability.
VPNpro, a company that reviews and advises on VPN products, warned in February of a vulnerability in the product that could cause a man in the middle attack, enabling an intruder to insert themselves between the user and the VPN service.
What this VPN app has done is to leave its users, people seeking extra privacy and security, to actually have less privacy and security than if they'd used no VPN at all.
Instead, it notified the Google Play Security Reward Program, operated for Google by HackerOne.
SuperVPN wasn't the only Android VPN to raise VPNpro's concerns.
News URL
Related news
- Google Warns of Actively Exploited CVE-2024-43093 Vulnerability in Android System (source)
- Google patches actively exploited Android vulnerability (CVE-2024-43093) (source)
- Week in review: Zero-click flaw in Synology NAS devices, Google fixes exploited Android vulnerability (source)
- Hackers target critical zero-day vulnerability in PTZ cameras (source)
- Google’s AI Tool Big Sleep Finds Zero-Day Vulnerability in SQLite Database Engine (source)
- Google fixes two Android zero-days used in targeted attacks (source)
- Cisco Releases Patch for Critical URWB Vulnerability in Industrial Wireless Systems (source)
- Critical vulnerability in Cisco industrial wireless access points fixed (CVE-2024-20418) (source)
- CISA Alerts to Active Exploitation of Critical Palo Alto Networks Vulnerability (source)
- Google's mysterious 'search.app' links leave Android users concerned (source)