I keep hearing on VPN ads that you have to use a VPN to not have your login information stolen. So far I have been using Cloudflare WARP to be safe enough. However, if I am using an HTTPS website, do I really need a VPN or WARP? Will an attacker on the same network as me be able to access passwords transmitted over HTTPS?
If the WiFi is relatively modern (WPA3, ARP filtering) sniffing attacks aren’t all that viable anymore. Sadly, it’s very hard to see the security properties of a wireless network before connecting to it.