Network routing working as intended
How is this even newsworthy?
This is network routing working as advertised and has never been within the scope of a VPN client to resolve. It is up to the client software you use to determine whether it’s accessing server infrastructure protected by the VPN or if a MiTM is being attempted. Network administrators have known this for a very long time and it’s also why we’ve been baking proper authentication schemes, integrity protection and encryption into every protocol under the sun for the past two decades.
Even people correctly using “anonymous VPNs” for their one useful purpose (hiding one’s own IP address for torrenting) aren’t affected by this, since they control the IP ranges they use in that scenario.
What a nothingburger.