Security news aggregator

Latest coverage for Cloudflare

Stay secure online with the latest Cloudflare updates and insights in information security, protecting websites and networks from threats.

199 headlines in this view

Refine the feed

Search across headline titles and summaries.

Tag briefing

Background for this topic.

Cloudflare operates a global content delivery and security network that sits between internet users and websites or services. It provides distributed denial-of-service (DDoS) mitigation, web application firewall (WAF) capabilities, and secure DNS resolution, helping to filter malicious traffic and improve site availability. By proxying traffic through its edge servers, Cloudflare can inspect, block, or rate-limit requests based on threat intelligence and configured security policies.

From an information security perspective, Cloudflare’s platform introduces critical considerations around trust and attack surface. Organizations relying on it must monitor for vulnerabilities in its software stack and configuration errors that could expose sensitive data or allow bypass of protections. Additionally, Cloudflare’s role as a traffic intermediary means that any compromise or misconfiguration could impact confidentiality and integrity of data in transit, making careful management of encryption and access controls essential.

Volume over time

Weekly headline count for the current query.

Showing 20 most recent headlines of 199

FBI director site went offline after a hack used a fake Cloudflare page to trick users into running a ClickFix attack that installed malware. The merchandise website of FBI director Kash Patel (basedapparel[.]com) was taken offline on Friday after reports that it had been compromised by hackers using it to spread malware. The malware was […]

Bank Info Security 1 month, 3 weeks ago

ISMG Editors: The Governance Questions Haunting OpenAI

Also: Rethinking SASE and AI's Impact on the Cyber WorkforceIn this week's panel, four ISMG editors discussed what the Musk vs. Altman trial exposed about OpenAI's governance program, how AI is reshaping the way enterprises think about security and why Cisco, Cloudflare, Arctic Wolf and other firms are redesigning their workforces for the AI era.

Cloud Connectivity, Security Operations Providers Reportedly Chop 20%, 7% of StaffCloudflare cut more than 1,100 workers from its 5,483-person staff, saying the layoffs will align Cloudflare's operations with AI-driven workflows and productivity gains. And Arctic Wolf laid off 250 workers from its estimated staff of 3,402 to free resources for investment in AI initiatives.

The Hacker News 5 months, 2 weeks ago

When Cloud Outages Ripple Across the Internet

Recent major cloud service outages have been hard to miss. High-profile incidents affecting providers such as AWS, Azure, and Cloudflare have disrupted large parts of the internet, taking down websites and services that many other systems depend on. The resulting ripple effects have halted applications and workflows that many organizations rely on every day

Cloudflare has addressed a security vulnerability impacting its Automatic Certificate Management Environment (ACME) validation logic that made it possible to bypass security controls and access origin servers.  "The vulnerability was rooted in how our edge network processed requests destined for the ACME HTTP-01 challenge path (/.well-known/acme-challenge/*)," the web infrastructure

OG CDN boss says fighting illegal streams is about stopping criminals cashing in, not free speech Interview After Cloudflare CEO Matthew Prince recently threatened to disrupt the Winter Olympics to protect free speech after Italian authorities fined his company for not disrupting pirate video streams, rival CDN provider Akamai’s CEO Dr. Tom Leighton fired back with what reads a lot like thinly veiled criticism.…

Trend Micro Research, News and Perspectives 6 months ago

Analyzing a Multi-Stage AsyncRAT Campaign via Managed Detection and Response

Threat actors exploited Cloudflare's free-tier infrastructure and legitimate Python environments to deploy the AsyncRAT remote access trojan, demonstrating advanced evasion techniques that abuse trusted cloud services for malicious operations.

Security community needs to rally and share more info faster, one researcher says Amid new reports of attackers pummeling a maximum security hole (CVE-2025-55182) in the React JavaScript library, Cloudflare's technology chief said his company took down its own network, forcing a widespread outage early Friday, to patch React2Shell.…

Bank Info Security 7 months, 1 week ago

React Flaw Mitigation Leads to Cloudflare Outage

Outage Briefly Took Down Zoom, LinkedIn and Other WebsitesContent delivery network giant Cloudflare is investigating a brief outage early Friday that took down multiple websites. The incident marks the second outage in the span of a month, although the causes are unrelated. It stemmed from how Cloudflare's web application firewall parses requests.

Loading more headlines...