Cable Haunt is a recent vulnerability that has been found in over 200 million cable modems in Europe and likely many more in other countries as well. Many modern modems use similar Broadcom chipsets and used the same reference firmware which contained the vulnerability. Because of this, the impact of this vulnerability is much greater than it would have been otherwise. Software running in many (probably nearly all) consumer modems have not implemented best practices for security.
Having an offline local network with no Internet access can be useful for a number of reasons. A few that come to mind are home lab networks, non-cloud IoT device networks, and “closed circuit” IP security camera network. For my network, I set up a separate offline IP security camera network using Amcrest IP cameras (affiliate link) as a baby monitor system. The quality is so much better and it is more secure than traditional baby monitors because I can lock down access from outside users.
A VPN server can provide an encrypted connection to your home network. It is a great way to remotely access your network since it provides a high level of security. Once you are connected to the VPN server, you essentially become a part of the network in which you are connected. This is different than using an SSH server because you are not directly connecting to a single machine on your network.
Historically, DNS is a service that was designed to be unencrypted. Whenever a device from your network is trying to go to a web address, it needs to determine the IP address of the website in order to access it. With the increasing levels of tracking and data sharing/selling, a growing awareness that having DNS traffic unencrypted is not a good idea from a privacy and security standpoint. ISPs and other entities are able to know which sites you visit even if all of your web traffic is encrypted.
On my home network, I host a few public facing services that my family and I make use of when away from home such as Plex Media Server. On Plex I have limited the bandwidth remote users may use to be slightly less than the maximum of my upload speed so my home network is still usable. I am using my own registered domain name which I use to refer to devices on my network (both internally and externally, which you can read more about with another article I wrote).