08 June 2026
1. What is being reported?
Security researchers have identified a previously unknown critical vulnerability in some VPN software that allows attackers to break into networks remotely. The Qilin ransomware gang is actively exploiting this flaw to launch ransomware attacks, which can lock organisations out of their own data until a ransom is paid.
2. What this means in plain English
If your organisation uses VPNs to allow staff to work remotely, this flaw could let attackers gain unauthorised access to your systems. This could lead to data being encrypted and held for ransom, causing disruption and potential financial loss.
3. Could this affect a small business?
Small businesses and charities that use VPNs for remote access could be affected, especially if their VPN software is from a commonly used vendor. Those not using VPNs or using different remote access methods are less likely to be impacted.
4. What to do now
- Contact your IT provider or software supplier immediately to check if your VPN software is affected.
- Apply any security updates or patches provided by your VPN vendor as soon as they become available.
- Review and strengthen your VPN access controls, including strong passwords and multi-factor authentication.
- Monitor your network for unusual activity and ensure regular backups are in place in case of ransomware.
5. Ask your IT provider
Can you confirm if our VPN software is affected by the recent zero-day vulnerability linked to Qilin ransomware, and what steps are being taken to protect us?
6. Bottom line
Act quickly to check and update your VPN software to reduce the risk of ransomware attacks exploiting this critical flaw.
Information based on reputable security reporting and CISA Known Exploited Vulnerabilities list.