Data breach notification letters have become a familiar routine. They usually start with “We value your privacy” and offer a year of free credit monitoring. But the most important part is often hidden in the middle: A list of what actually got out. A leaked email address is not a leaked admin password. A hashed […]
DNSSEC: The Extra Security Layer That Can Break Your Padlock
Turning on DNSSEC makes your domain more secure — but if it’s misconfigured, newer certificate validation rules can stop SSL renewals in their tracks. Hey there, You know that satisfying click when you finally turn on DNSSEC? It feels like adding a shiny new deadbolt to your domain’s front door. You’re doing the responsible thing: […]
Vulnerability & Patch Roundup — April 2026
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
My Website Is Hosting a Phishing Page – Now What?
Most phishing advice is written for the person staring at a suspicious email. This guide is for the other kind of victim: The website owner whose legitimate site has been quietly turned into the attacker’s weapon. You didn’t send the message or build the fake login page. You just woke up to a browser warning, […]
WordPress DDoS Protection: How to Keep Your Site Online
WordPress powers over 40% of the web, which makes it one of the most attractive targets for Distributed Denial of Service (DDoS) attacks. If your site goes down for an hour, you lose revenue, search rankings, and visitor trust. If it goes down repeatedly, you lose much more. A DDoS attack floods your website with […]
Joomla SEO Spam Injector: Obfuscated PHP Backdoor Hijacking Site Visitors
Overview During a recent malware cleanup investigation, we encountered a compromised Joomla website where the site owner reported a strange issue. Their website displayed a large number of suspicious product links that had nothing to do with their business. These products were not added by the website owner and did not exist in their catalog. […]
Vulnerability & Patch Roundup — March 2026
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
Vulnerability & Patch Roundup — February 2026
Vulnerability reports and responsible disclosures are essential for website security awareness and education. Automated attacks targeting known software vulnerabilities are one of the leading causes of website compromises. To help educate website owners about potential threats to their environments, we’ve compiled a list of important security updates and vulnerability patches for the WordPress ecosystem this […]
Cloudflare One is the first SASE offering modern post-quantum encryption across the full platform
During Security Week 2025, we launched the industry’s first cloud-native post-quantum Secure Web Gateway (SWG) and Zero Trust solution, a major step towards securing enterprise network traffic sent from end user devices to public and private networks. But this is only part of the equation. To truly secure the future of enterprise networking, you need […]
Cloudflare outage on February 20, 2026
On February 20, 2026, at 17:48 UTC, Cloudflare experienced a service outage when a subset of customers who use Cloudflare’s Bring Your Own IP (BYOIP) service saw their routes to the Internet withdrawn via Border Gateway Protocol (BGP). The issue was not caused, directly or indirectly, by a cyberattack or malicious activity of any kind. […]
