ZDNet

Some enterprise VPN apps store authentication/session cookies insecurely

At least four Virtual Private Network (VPN) applications sold or made available to enterprise customers share security flaws, warns the Carnegie Mellon University CERT Coordination Center (CERT/CC) ...
Bleeping Computer

Multiple Enterprise VPN Apps Allow Attackers to Bypass Authentication

Enterprise VPN applications developed by Palo Alto Networks, Pulse Secure, Cisco, and F5 Networks are storing authentication and session cookies insecurely according to a DHS/CISA alert and a ...