Security researchers have identified that Mullvad VPN's exit IP addresses can be used as fingerprinting vectors to identify and track users, undermining the privacy protections the service is designed to provide.
A technical analysis reveals that Mullvad's exit IP pool exhibits patterns that enable user identification despite the VPN's focus on privacy. The finding suggests that exit IPs alone can serve as reliable fingerprints for tracking sessions and correlating user behavior across time.
The discovery challenges assumptions about VPN anonymity. While Mullvad rotates exit IPs, the limited pool size and predictable patterns create identification opportunities for determined observers. Researchers documented how exit IP selection can be correlated with user behavior and timing metadata.
Mullvad has built its reputation on transparency and privacy-first practices, including storing minimal logs and supporting alternative payment methods. However, this research indicates that even privacy-focused VPN operators face fundamental challenges in protecting user identity through IP rotation alone.
The findings have sparked discussion in the security community about the limitations of current VPN architectures and the need for additional anonymization layers beyond IP masking. Mullvad has not yet publicly responded to the analysis.
The FBI has taken control of websites operated by Alarum Technologies Ltd., marking a significant enforcement action against the proxy network industry. The move signals increased federal scrutiny of services that mask user identities online.
xAI, owned by Elon Musk, is suing a South Carolina man who allegedly used the Grok AI chatbot to generate child sexual abuse material (CSAM). Terry Wayne Harwood faces eight felony charges after his arrest in February.
Meta has issued conflicting statements about NameTag, a face recognition system reported by WIRED. Company executives have offered unclear remarks on whether the technology actually exists.
Zoom has disclosed a critical vulnerability affecting its Windows desktop client and SDK that allows unauthenticated attackers to hijack user accounts. The company has released patches to address the security issue.