Free is nice -- until it's not. In a study of over 800 no-cost virtual private networks, a cybersecurity team found that nearly two-thirds relied on vulnerable coding and put consumers' data and privacy at risk. The investigation by Zimperium zLabs, a mobile security company, looked at VPNs for both Android and iOS, and found that hundreds offered no real privacy, required risky permissions, leaked personal data and used outdated and vulnerable code.

Don't miss any of our unbiased tech content and lab-based reviews. Add CNET as a preferred Google source.

Zimperium zLabs said these issues are very problematic for companies with bring-your-own-device policies.

"These mobile VPN apps, even popular ones, can become the weakest link in an organization's security posture, exposing se

See Full Page