Adam Smith reports:
ProtonVPN and NordVPN were exposed to vulnerabilities that could have allowed hackers to execute arbitrary code with administrator privileges on computers running Windows.
The bugs, CVE-2018-3952 (affecting NordVPN) and CVE-2018-4010 (affecting ProtonVPN), were discovered by Cisco Talos security researchers and are similar to another security flaw (tracked as CVE-2018-10169) discovered in March by security consulting firm VerSprite.
Read more on PCMag.