Investigations - VPNrevie.ws

The VPNrevie.ws mascot, a pine marten, investigates a fake telegram that is drawn over with a cross. Under it, the "security check complete" dialogue from APKPure

Investigations

APKPure Served a Data-Stealing Imposter of Telegram

A repackaged Telegram APK on APKPure contained a collector that exfiltrated messages, media and contacts to a server previously running a simple Collector Dashboard.

Investigations

Mullvad's Exit IPs Are Fingerprinting Its Users

Your WireGuard public key can tie your sessions together across Mullvad servers. That's exactly the sort of subtle linkage that privacy-conscious users assume does not exist.

Tired VPNrevie.ws mascot fed up with all these breaches. Made with Gemini

Investigations

The Patch Wave: Eleven Breaches, One Week, and the Myth of the AI Collapse

A single week saw Linux, Windows, macOS, Next.js, and the global software supply chain battered by critical exploits and mass advisories. Is this the long-feared AI-driven collapse of digital infrastructure, or just the new normal? A technical, evidence-driven investigation.

Investigations

JDownloader's Linux Installer Delivered a Root Backdoor

ℹ️This is a developing situation I have relied on JDownloader for years. It is the sort of unglamorous tool you install once and forget about until you need to pull a 40 GB archive at 3 a.m. So when the official site went dark on 7 May and

Investigations

Copy Fail: 732 bytes to root on almost every Linux server since 2017

A subtle 2017 optimisation in the Linux kernel's crypto layer has just been turned into a reliable, 732-byte path from any user account to root. Here's what it means for your servers and what to do right now.

Sad Roblox character holding a shimmering white triangle over a red background

Investigations

Vercel’s supply-chain breach: one Roblox script away from your secrets

A stolen Roblox auto-farm script led to Context.ai credentials, then Vercel Google Workspace takeover via OAuth token abuse in March 2026.

Hands holding an orange iPhone with the DuckDuckGo mascot Dax the Duck on screen against a green background

Investigations

What DuckDuckGo's VPN audit can and cannot tell you

Securitum signed off on DuckDuckGo's no-logs policy last month. The audit is better than most and thinner than some, and understanding why is the difference between useful privacy scepticism and reading marketing copy.