:

MULLVAD ROLLS OUT FIX FOR VPN EXIT IP LEAK

INDUSTRY DESK1 MIN READ
MON, MAY 25, 2026

■ AI-SUMMARIZED FROM 1 SOURCE ▸ TIMELINE

Mullvad has begun deploying a mitigation for a vulnerability affecting VPN exit IP servers. The rollout addresses a security issue that could expose user traffic under certain conditions.

Mullvad, the privacy-focused VPN provider, is implementing fixes across its exit IP VPN servers following the discovery of a potential vulnerability. The mitigation rollout targets servers that could leak connection information under specific circumstances. The company has detailed the technical aspects and deployment timeline on its help documentation page. The issue gained attention on Hacker News, accumulating 111 points and 18 comments from the security community. Users discussed the implications and Mullvad's response approach. Mullvad's transparent disclosure of the vulnerability and methodical rollout strategy reflects standard practices for privacy-oriented VPN services. The company continues monitoring deployment progress to ensure all affected infrastructure receives the necessary updates. Users running Mullvad can expect improved security as the mitigation reaches their assigned exit nodes. The company recommends checking their help resources for specific details about affected servers and timelines.

■ SOURCES

Hacker News

■ SUMMARY WRITTEN BY AI FROM THE LINKS ABOVE

■ MORE FROM THE SECURITY DESK

U.S. federal prosecutors have unsealed charges against three Russian nationals accused of operating a bulletproof hosting service that supported ransomware gangs responsible for over $62 million in damages worldwide.

4H AGOIndustry Desk

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warned that attackers are actively exploiting three vulnerabilities in Internet-exposed on-premises SharePoint Server instances. Organizations running affected versions must patch immediately.

4H AGOSecurity Desk

Tailscale disclosed a critical vulnerability in its SSH implementation that allowed attackers to gain root access through insecure argument handling. The flaw has been patched in recent versions.

6H AGOAI Desk

A new study found that social media platforms referred over 5.7 million visits to nonconsensual deepfake pornography sites between December 2025 and March 2026, with YouTube and X accounting for the majority of traffic.

9H AGOIndustry Desk

■ SUBSCRIBE TO THE DAILY BRIEF

ONE EMAIL, 5 STORIES, 06:00 UTC. UNSUBSCRIBE ANYTIME.