Network World

Disable WPAD now or have your accounts and private data compromised

The Web Proxy Auto-Discovery Protocol (WPAD), enabled by default on Windows and supported by other operating systems, can expose computer users’ online accounts, web searches, and other private data, ...
Threat Post

WPAD Flaws Leak HTTPS URLs

Sniffing HTTPS URLs with malicious PAC files gets easier with a new technique that exploits flaws in the Web Proxy AutoDiscovery protocol. LAS VEGAS — Researchers have found flaws in the Web Proxy ...