Threat actors increasingly target virtual private network (VPN) providers to break into organizations. This August, tech giant Cisco released patches to mitigate vulnerabilities, some of which would allow remote code execution (RCE) attacks or cause a denial of service (DoS) in VPN routers. Since the shift to remote and hybrid work, there’s been an increase in attacks against VPNs, a new study by Cybersecurity Insiders and ZScaler said. By exploiting a VPN, threat actors could launch ransomware, phishing attacks, or DoS. There are almost 500 publicly known VPN vulnerabilities that cybercriminals could exploit to exfiltrate sensitive business data.