:

MULLVAD EXIT IPS REVEAL USER FINGERPRINTS

INDUSTRY DESK1 MIN READ
FRI, MAY 15, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Security researchers have identified that Mullvad VPN's exit IP addresses can be used as fingerprinting vectors to identify and track users, undermining the privacy protections the service is designed to provide.

A technical analysis reveals that Mullvad's exit IP pool exhibits patterns that enable user identification despite the VPN's focus on privacy. The finding suggests that exit IPs alone can serve as reliable fingerprints for tracking sessions and correlating user behavior across time. The discovery challenges assumptions about VPN anonymity. While Mullvad rotates exit IPs, the limited pool size and predictable patterns create identification opportunities for determined observers. Researchers documented how exit IP selection can be correlated with user behavior and timing metadata. Mullvad has built its reputation on transparency and privacy-first practices, including storing minimal logs and supporting alternative payment methods. However, this research indicates that even privacy-focused VPN operators face fundamental challenges in protecting user identity through IP rotation alone. The findings have sparked discussion in the security community about the limitations of current VPN architectures and the need for additional anonymization layers beyond IP masking. Mullvad has not yet publicly responded to the analysis.

■ SOURCES

Hacker News

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

The FBI has taken control of websites operated by Alarum Technologies Ltd., marking a significant enforcement action against the proxy network industry. The move signals increased federal scrutiny of services that mask user identities online.

3H AGOSecurity Desk

xAI, owned by Elon Musk, is suing a South Carolina man who allegedly used the Grok AI chatbot to generate child sexual abuse material (CSAM). Terry Wayne Harwood faces eight felony charges after his arrest in February.

3H AGOAI Desk

Meta has issued conflicting statements about NameTag, a face recognition system reported by WIRED. Company executives have offered unclear remarks on whether the technology actually exists.

3H AGOIndustry Desk

Zoom has disclosed a critical vulnerability affecting its Windows desktop client and SDK that allows unauthenticated attackers to hijack user accounts. The company has released patches to address the security issue.

4H AGOSecurity Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.