Cloudflare

Lumma Stealer Malware-as-a-Service operation disrupted
A coordinated action by US, European and Japanese authorities and tech companies like Microsoft and Cloudflare has disrupted the infrastructure behind Lumma Stealer, the most …

DDoS attacks jump 358% compared to last year
Cloudflare says it mitigated 20.5 million DDoS attacks in the first quarter of 2025. This is a 358% increase compared to the same time last year. Their Q1 2025 DDoS report …

Cloudflare open sources OPKSSH to bring Single Sign-On to SSH
OPKSSH (OpenPubkey SSH) makes it easy to authenticate to servers over SSH using OpenID Connect (OIDC), allowing developers to ditch manually configured SSH keys in favor of …

Infosec products of the month: March 2025
Here’s a look at the most interesting products from the past month, featuring releases from: 1Kosmos, Alloy, Cloudflare, Cytex, Detectify, GetReal Security, iProov, Keysight …

Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)
A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web …

New infosec products of the week: March 21, 2025
Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Cloudflare, Cytex, Keysight Technologies, and TXOne Networks. Keysight AI …

Cloudforce One threat events platform provides a real-time view of threat activity
Cloudflare launched the Cloudforce One threat events platform to provide real-time intelligence on cyberattacks occurring across the Internet. Based on telemetry from …

Cloudflare boosts defenses against future quantum threats
Cloudflare announced that it is expanding end-to-end support for post-quantum cryptography to its Zero Trust Network Access solution. Available immediately, organizations can …

API security blind spots put businesses at risk
Many customer-facing APIs remain unprotected, leaving businesses vulnerable to breaches. To address these threats, a comprehensive approach to API security, covering every …

Cloudflare helps secure popular messaging applications
Cloudflare announced a new service to verify the integrity of public keys in the end-to-end encryption of popular messaging applications. When using end-to-end encryption …

Cloudflare AI Audit helps websites control how their content is used by AI models
Cloudflare announced AI Audit, a set of tools to help websites of any size analyze and control how their content is used by AI models. For the first time, website and content …

Common API security issues: From exposed secrets to unauthorized access
Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many …