cloudflare
-
ESET: Gamaredon and Turla Coordinating Campaign Targets Ukrainian Institutions, Deploying Kazuar Backdoor
Security researchers have identified a coordinated campaign between Gamaredon and Turla targeting Ukrainian entities, with Kazuar backdoor deployments signaling active collaboration and evolving tactics across multiple campaigns in early 2025.
-
Microsoft, Cloudflare Lead Disruption of RaccoonO365 Phishing Network, Seizing 338 Domains
Microsoft and Cloudflare led a coordinated takedown of the RaccoonO365 phishing-as-a-service network, seizing 338 domains and disrupting a campaign that had targeted thousands of Microsoft 365 credentials across dozens of countries. The operation highlights how criminal networks leverage legitimate internet infrastructure to facilitate credential theft, with law enforcement pursuing principal operators and affiliates alike.
-
GhostAction: GitHub supply-chain attack exposes 3,325 secrets across hundreds of repositories
Researchers say a GitHub supply-chain campaign named GhostAction stole about 3,325 secrets across PyPI, npm, DockerHub, GitHub tokens, Cloudflare, and AWS keys, by compromising maintainer accounts to inject malicious GitHub Actions workflows that exfiltrate secrets to an attacker-controlled endpoint.
-
Misissued TLS certificates tied to Cloudflare’s 1.1.1.1 DNS service raise internet-security concerns
Security researchers disclosed mis-issued TLS certificates tied to Cloudflare’s 1.1.1.1 DNS service, a flaw that could enable impersonation and traffic interception. With the issuer and responsible parties not fully disclosed, the episode underscores ongoing vulnerabilities in the certificate authority system and the role of Certificate Transparency in detecting mis-issuances.
-
Cloudflare says it blocked largest recorded DDoS attack at 11.5 Tbps
Cloudflare says it blocked the largest recorded volumetric DDoS attack, peaking at 11.5 Tbps and lasting about 35 seconds, with most traffic traced to Google Cloud as the company notes a broader rise in high-volume DDoS campaigns.
-
Cloudflare Confirms 1.1.1.1 Outage Stemmed from Internal Misconfiguration, Not Attack
Cloudflare confirmed that a recent outage of its 1.1.1.1 Resolver service was caused by an internal misconfiguration, dismissing concerns of a cyberattack or BGP hijack. The incident led to significant disruptions for users globally, with full restoration achieved within hours.
-
Cloudflare Thwarts Historic 7.3 Tbps DDoS Attack Targeting Hosting Provider
Cloudflare has successfully mitigated a record-breaking 7.3 Tbps DDoS attack targeting a hosting provider, marking a significant escalation in cyber threats to internet infrastructure, according to the company’s latest report.
-
New Malware Campaign Exploits Cloudflare Tunnels to Deliver Malicious Payloads
A new malware campaign, codenamed SERPENTINE#CLOUD, is exploiting Cloudflare Tunnel subdomains to distribute malicious payloads via phishing emails. This sophisticated attack targets users across multiple regions and employs advanced techniques to evade detection.
-
Cloudflare Outage Not Linked to Security Incident, Data Remains Safe
Cloudflare has confirmed that a recent service outage was not caused by a security incident. The outage, which lasted 2.5 hours, stemmed from a failure in the underlying storage infrastructure affecting its crucial Workers KV system. The company assures that all user data remains safe and plans to enhance system resilience moving forward.
-
Widespread Service Outages Affect Google Cloud and Cloudflare
Google Cloud and Cloudflare have reported widespread service outages affecting various services and platforms. Both companies are investigating the issues that began on June 12, with users experiencing significant access problems.
