Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps 2025-09-24 at 12:41 By Eduard Kovacs The attack was aimed at a European network infrastructure company and it has been linked to the Aisuru botnet. The post Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps appeared first on SecurityWeek. This article is an […]
React to this headline:
Record-Breaking DDoS Attack Peaks at 22 Tbps and 10 Bpps Read More »
Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader 2025-09-17 at 15:23 By Zeljka Zorz Microsoft and Cloudflare have disrupted a Phishing-as-a-Service operation selling the RaccoonO365 kit for stealing Microsoft 365 account credentials. “Using a court order granted by the Southern District of New York, [we] seized 338 websites associated with the popular service, disrupting
React to this headline:
Microsoft disrupts the RaccoonO365 Phishing-as-a-Service operation, names alleged leader Read More »
Cloudflare confirms data breach linked to Salesloft Drift supply chain compromise 2025-09-03 at 16:13 By Zeljka Zorz Cloudflare has also been affected by the Salesloft Drift breach, the US web infrastructure and security company confirmed on Tuesday, and the attackers got their hands on 104 Cloudflare API tokens. “We have identified no suspicious activity associated
React to this headline:
Cloudflare confirms data breach linked to Salesloft Drift supply chain compromise Read More »
Infosec products of the month: August 2025 2025-08-29 at 07:23 By Sinisa Markovic Here’s a look at the most interesting products from the past month, featuring releases from: Black Kite, Brivo, Cloudflare, Descope, Doppel, Druva, Elastic, ExtraHop, LastPass, Prove, Riverbed, Rubrik, StackHawk, and Trellix. StackHawk empowers security teams to expand their API testing coverage StackHawk
React to this headline:
Infosec products of the month: August 2025 Read More »
Cloudflare secures sensitive data without fully restricting AI usage 2025-08-25 at 17:14 By Industry News Cloudflare announced new capabilities for Cloudflare One, its zero trust platform, designed to help organizations securely adopt, build and deploy emerging generative AI applications. With these new features, Cloudflare is giving customers the ability to automatically understand, analyze and set
React to this headline:
Cloudflare secures sensitive data without fully restricting AI usage Read More »
New HTTP Request Smuggling Attacks Impacted CDNs, Major Orgs, Millions of Websites 2025-08-07 at 12:46 By Eduard Kovacs A desync attack method leveraging HTTP/1.1 vulnerabilities impacted many websites and earned researchers more than $200,000 in bug bounties. The post New HTTP Request Smuggling Attacks Impacted CDNs, Major Orgs, Millions of Websites appeared first on SecurityWeek.
React to this headline:
New HTTP Request Smuggling Attacks Impacted CDNs, Major Orgs, Millions of Websites Read More »
DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total 2025-07-15 at 16:04 By Eduard Kovacs Cloudflare has published its quarterly DDoS threat report for Q2 2025 and the company says it has blocked millions of attacks. The post DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total appeared first on SecurityWeek.
React to this headline:
DDoS Attacks Blocked by Cloudflare in 2025 Already Surpass 2024 Total Read More »
Cloudflare blocks AI crawlers by default, letting sites choose what gets scraped 2025-07-01 at 15:24 By Sinisa Markovic Cloudflare is now the first major internet infrastructure company to block AI crawlers by default when they try to access website content without permission or payment. Starting today, website owners can choose whether to allow AI crawlers
React to this headline:
Cloudflare blocks AI crawlers by default, letting sites choose what gets scraped Read More »
Record-Breaking 7.3 Tbps DDoS Attack Targets Hosting Provider 2025-06-20 at 15:37 By Eduard Kovacs Cloudflare has blocked yet another record-breaking DDoS attack, which delivered the equivalent of 9,000 HD movies in just 45 seconds. The post Record-Breaking 7.3 Tbps DDoS Attack Targets Hosting Provider appeared first on SecurityWeek. This article is an excerpt from SecurityWeek
React to this headline:
Record-Breaking 7.3 Tbps DDoS Attack Targets Hosting Provider Read More »
Cloudflare Tunnels Abused in New Malware Campaign 2025-06-20 at 11:48 By Ionut Arghire A threat actor is abusing Cloudflare Tunnels for the delivery of a Python loader as part of a complex infection chain. The post Cloudflare Tunnels Abused in New Malware Campaign appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View
React to this headline:
Cloudflare Tunnels Abused in New Malware Campaign Read More »
Cloudflare Log Explorer detects security and performance issues 2025-06-18 at 16:46 By Industry News Cloudflare announced Cloudflare Log Explorer to help give businesses instant access to critical security and performance insights across their IT environments. Now, customers can analyze, investigate, and monitor for security attacks with log line level insights across their entire business–natively within
React to this headline:
Cloudflare Log Explorer detects security and performance issues Read More »
Surge in Cyberattacks Targeting Journalists: Cloudflare 2025-06-12 at 14:03 By Ionut Arghire Between May 2024 and April 2025, Cloudflare blocked 109 billion malicious requests targeting organizations protected under Project Galileo. The post Surge in Cyberattacks Targeting Journalists: Cloudflare appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source React to this
React to this headline:
Surge in Cyberattacks Targeting Journalists: Cloudflare Read More »
ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware 2025-06-05 at 14:47 By Kevin Townsend Researchers have discovered and analyzed a ClickFix attack that uses a fake Cloudflare ‘humanness’ check. The post ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware appeared first on SecurityWeek. This article is an excerpt from SecurityWeek View Original Source
React to this headline:
ClickFix Attack Exploits Fake Cloudflare Turnstile to Deliver Malware Read More »
Lumma Stealer Malware-as-a-Service operation disrupted 2025-05-21 at 21:21 By Zeljka Zorz A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most significant infostealer threat at the moment. What is Lumma Stealer? Lumma Stealer is Malware-as-a-Service offering beloved by a wide
React to this headline:
Lumma Stealer Malware-as-a-Service operation disrupted Read More »
DDoS attacks jump 358% compared to last year 2025-04-29 at 08:04 By Mirko Zorz Cloudflare says it mitigated 20.5 million DDoS attacks in the first quarter of 2025. This is a 358% increase compared to the same time last year. Their Q1 2025 DDoS report highlights a rise in the number and size of attacks,
React to this headline:
DDoS attacks jump 358% compared to last year Read More »
Cloudflare open sources OPKSSH to bring Single Sign-On to SSH 2025-03-28 at 13:31 By Help Net Security OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of identity provider-based access. By tightly integrating with identity providers (IdPs) and
React to this headline:
Cloudflare open sources OPKSSH to bring Single Sign-On to SSH Read More »
Infosec products of the month: March 2025 2025-03-28 at 06:36 By Help Net Security Here’s a look at the most interesting products from the past month, featuring releases from: 1Kosmos, Alloy, Cloudflare, Cytex, Detectify, GetReal Security, iProov, Keysight Technologies, Outpost24, Palo Alto Networks, Pondurance, Red Canary, SailPoint, SimSpace, Sonatype, Sumsub, and TXOne Networks. Outpost24 introduces
React to this headline:
Infosec products of the month: March 2025 Read More »
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) 2025-03-24 at 15:17 By Zeljka Zorz A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web pages they should no have access to (e.g., the web app’s admin panel).
React to this headline:
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927) Read More »
New infosec products of the week: March 21, 2025 2025-03-21 at 07:01 By Help Net Security Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Cloudflare, Cytex, Keysight Technologies, and TXOne Networks. Keysight AI Insight Brokers accelerates threat detection and response Keysight Technologies announces the expansion of its
React to this headline:
New infosec products of the week: March 21, 2025 Read More »
Cloudforce One threat events platform provides a real-time view of threat activity 2025-03-19 at 11:49 By Industry News Cloudflare launched the Cloudforce One threat events platform to provide real-time intelligence on cyberattacks occurring across the Internet. Based on telemetry from Cloudflare’s massive global network, Cloudforce One’s threat events platform helps security teams get more done
React to this headline:
Cloudforce One threat events platform provides a real-time view of threat activity Read More »