Security news aggregator

Latest coverage for Proxy

Proxy servers can mask network origins, filter traffic, and create security risks when attackers abuse them for evasion or unauthorized access.

135 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

A proxy is an intermediary that sends requests to a destination and returns responses, so the client and destination do not communicate directly. A forward proxy represents users or systems making outbound connections; a reverse proxy represents an application or service to inbound clients and may route traffic, terminate TLS, or enforce authentication. This tag generally concerns these network components, not browser-based privacy tools alone.

Security depends heavily on configuration and trust boundaries. A forward proxy can enforce egress policy and provide useful logs, but an exposed or misconfigured one may permit unauthorized relaying, while proxy logs can reveal sensitive browsing or business activity. TLS inspection requires controlled certificate deployment and careful handling of decrypted traffic. Reverse proxies reduce direct exposure of back-end services, but access controls must not rely solely on them, and forwarded client-IP headers must be trusted only from known proxies. During investigations, proxy logs help reconstruct connections, but shared addresses and address translation can complicate attribution.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 135

Fake apps like WireVPN and a trojanized 7-Zip turn victims’ devices into residential proxies, letting criminals route traffic through their IPs. Infoblox’s threat research team started pulling on a single thread in early 2026: a fake version of the 7-Zip archive utility hosted at 7zip[.]com instead of the real site, 7-zip[.]org. The researchers uncovered a […]

Krebs on Security 2 weeks, 1 day ago

FBI Seizes NetNut Proxy Platform, Popa Botnet

The Federal Bureau of Investigation (FBI) said today it worked with industry partners to seize hundreds of domains associated with NetNut, a sprawling residential proxy service operated by the publicly-traded Israeli company Alarum Technologies [NASDAQ: ALAR]. The action comes roughly two weeks after KrebsOnSecurity published findings from multiple security firms connecting NetNut to the Popa botnet, a collection of at least two million devices that have been compromised by malicious software with little or no consent from victims.

For the past four years, a sprawling Android-based botnet called Popa has forced millions of consumer TV boxes to relay Internet traffic linked to advertising fraud, account takeovers, and mass data-scraping efforts. This week, researchers from multiple security firms concluded that the Popa botnet is linked to NetNut, a "residential proxy" provider operated by the publicly-traded Israeli firm Alarum Technologies Ltd [NASDAQ: ALAR].

Microsoft has disclosed details of a Windows-based cryptocurrency clipper campaign that has targeted users since February 2026 with clipboard-intercepting malware with self-spreading capabilities and using the Tor anonymity network to hide communication

A default low-privilege account on a LiteLLM proxy can climb to full admin and run code on the server by chaining three vulnerabilities, researchers at Obsidian Security disclosed LiteLLM is a widely deployed open-source AI gateway that brokers calls to more than 100 model providers behind one OpenAI-compatible interface

Dutch authorities seized 200 servers running a 17-million-device botnet linked to proxy service Asocks. Dutch authorities have taken offline a massive botnet of at least 17 million devices and seized more than 200 servers at a local provider that supported the operation. Infected devices included computers, tablets, and smartphones. The action was carried out following […]

Loading more headlines...