407
Never-before-seen Linux malware gets installed using 1-day exploits
(arstechnica.com)
This is a most excellent place for technology news and articles.
These vpns seem to be quite a good target since at least the one my university uses is run as a setuid executable, so if there is a vulnerability in there, you can execute code as root that wasn't intended to be executed as root.