Is Your Privacy at Risk Due to ExpressVPN’s DNS Leak?

In a recent development, ExpressVPN issued an emergency patch to address a significant vulnerability in its Windows app. The issue pertained to the app’s split-tunneling feature which, when enabled, would allow certain DNS requests to be routed improperly. Attila Tomaschek, a VPN expert, sounded the alarm when he discovered that some DNS queries were inadvertently being sent to third-party servers, including potentially the user’s own Internet Service Provider (ISP), rather than through the encrypted channels of ExpressVPN’s servers.

While the encryption of data remained intact, the privacy of users was at stake. This flaw potentially exposed the browsing habits of approximately 1% of ExpressVPN’s customers—specifically those employing the split-tunneling feature to dictate which app traffic was protected by the VPN. In response, ExpressVPN promptly disabled the feature for those affected as they worked on a permanent fix.

Swift Response and Future Implications

Upon discovery of the DNS routing issue, ExpressVPN took immediate action. The company’s responsive approach underscores the importance of user privacy and the protection of all VPN traffic, a foundational aspect of any VPN service. ExpressVPN has begun an investigation into the matter and has reaffirmed their commitment to privacy and security. This incident did not affect all users; it was limited to those utilizing specific configurations of the split-tunneling functionality.

The vulnerability brings to light the critical nature of vigilance in the world of cybersecurity. Users of VPN services, such as ExpressVPN, rely heavily on the assurance that their activities online are shielded from unauthorized observation. This DNS leak serves as a pertinent reminder that while VPNs are crucial in the quest for digital privacy, they are not infallible. Ongoing scrutiny and swift action in addressing vulnerabilities are fundamental to maintaining trust and safety that users expect from their chosen VPN providers.

Explore more

Can a Unified ERP System Future-Proof Levi Strauss?

Establishing a seamless digital environment for a brand that spans over a hundred nations is a monumental undertaking that requires more than just standard software updates. Currently, Levi Strauss & Co. is navigating a profound transformation of its digital infrastructure, aiming for a mid-2027 completion of a fully integrated global enterprise resource planning system. This strategic overhaul is not merely

Ethereum Faces $10 Billion Liquidation Risk Near $2,000

The current trajectory of Ethereum suggests a massive collision between aggressive retail speculation and sophisticated institutional sell-side pressure as the asset hovers near the $2,000 psychological threshold. This specific price point has historically served as a pivot for broader market sentiment, influencing the behavior of various decentralized finance protocols and secondary layer-two scaling solutions. Currently, the market exhibits a state

ClickLock Malware Coerces macOS Users to Surrender Passwords

Traditional macOS security architectures have long been celebrated for their robust sandboxing and gated execution, yet a new strain of malware is proving that the human element remains the most vulnerable entry point in any digital ecosystem. This threat, known as ClickLock, has emerged as a particularly aggressive evolution in the macOS threat landscape by prioritizing psychological pressure and social

Stalled Windows 11 Migration Poses Growing Security Risks

The global landscape of enterprise computing is currently grappling with a persistent digital divide as a significant segment of users continues to rely on Windows 10 despite the availability of more secure alternatives. The current ecosystem of digital infrastructure remains tethered to legacy architecture, with recent telemetry indicating that approximately one in six workstations worldwide continues to operate on Windows

How Is OpenAI Redefining AI With Precision Engineering?

The shift from experimental conversationalists to precise engineering tools has fundamentally altered the landscape of digital productivity and high-performance computing in 2026. This transition is marked by a move away from the early excitement surrounding generative models toward a rigorous framework centered on deep optimization and granular control. OpenAI has spearheaded this movement with the introduction of the GPT-5.6 Sol