A new attack vector named VORACLE can recover HTTP traffic that is sent via encrypted VPN connections under certain conditions. The conditions appear to be:

  • Use the OpenVPN protocol
  • Visit an HTTP that is under control or compromised by the attacker
  • Using OpenVPN compression. OpenVPN can optionally use or not use compression. By default, it uses compression. This is usually under the control of the VPN provider.

Our recommendation is to not use OpenVPN. Instead, use the IKEv2 encryption protocol. If your VPN provider does not support IKEv2, change providers. My current favorite is NordVPN.

More information can be found on Bleeping Computer.