A study by researchers from Sapienza University of Rome and Queen Mary University of London reveals many of world's most popular VPN services suffer from significant security flaws.
A close inspection of 14 services reveals over half were found to be open to partial (and sometimes even full) IPv6 traffic leakage, which can expose your browsing history, even on sites that exclusively use IPv4.
On top of this, all but one of the 14 VPN services were found to be vulnerable to DNS hijacking and about half provide connectivity through the Point-to-Point Tunneling Protocol (PPTP) with MS-CHAPv2 authentication, which does not stand up well against brute force cracking attacks.
VPN services have risen in popularity for a multitude of reasons—whether for security on a public hotspot, privacy concerns, or simply as a way to work around regional restrictions on content. This study shows that users should be careful, however, as it's very easy to unwittingly purchase VPN services done wrong.