VPN bypass vulnerability affects Android Jelly Bean and KitKat, researchers say

A vulnerability in Android allows malicious applications to bypass an active VPN (virtual private network) connection and force traffic from the device through an attacker-controlled system where it can be intercepted, according to security researchers from Ben-Gurion University of the Negev in Israel.

Story added 28. January 2014, content source with full text you can find at link above.