Archive | Security

RSS feed for this section

Code Orange: Fail Small — our resilience plan following recent incidents

On November 18, 2025, Cloudflare’s network experienced significant failures to deliver network traffic for approximately two hours and ten minutes. Nearly three weeks later, on December 5, 2025, our network again failed to serve traffic for 28% of applications behind our network for about 25 minutes. We published detailed post-mortem blog posts following both incidents, […]

Innovating to address streaming abuse — and our latest transparency report

Cloudflare’s latest transparency report — covering the first half of 2025 — is now live. As part of our commitment to transparency, Cloudflare publishes such reports twice a year, describing how we handle legal requests for customer information and reports of abuse of our services. Although we’ve been publishing these reports for over 10 years, […]

ChatGPT's rivals, Kwai's quiet rise: the top Internet services of 2025

In 2025, the Internet is more central to our lives than ever, and we rely on an array of online services to get things done, connect with others, and enjoy ourselves. Cloudflare’s Top Internet Services of 2025 report explores how the connected world interacted this year, based on Cloudflare’s observations and analysis of DNS trends.  […]

The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacks

The 2025 Cloudflare Radar Year in Review is here: our sixth annual review of the Internet trends and patterns we observed throughout the year, based on Cloudflare’s expansive network view. Our view is unique, due to Cloudflare’s global network, which has a presence in 330 cities in over 125 countries/regions, handling over 81 million HTTP […]

How to Protect Your WordPress Site From a Phishing Attack

If you run a website, manage a business inbox, or even just use online banking, you’ve already lived in the phishing era for a long time. The only thing that’s changed is the polish. Phishing scams have moved past those obviously fake “please verify” requests to include convincing login pages, realistic invoices, and even bogus […]

React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniques

On December 3, 2025, immediately following the public disclosure of the critical, maximum-severity React2Shell vulnerability (CVE-2025-55182), the Cloudforce One Threat Intelligence team began monitoring for early signs of exploitation. Within hours, we observed scanning and active exploitation attempts, including traffic originating from infrastructure associated with Asian-nexus threat groups. Early activity indicates that threat actors quickly […]

WordPress Auto-Login Backdoor Disguised as JavaScript Data File

During a recent investigation, we discovered a sophisticated WordPress backdoor hidden in what appears to be a JavaScript data file. This malware automatically logs attackers into administrator accounts without requiring any credentials. In September, we published an article showcasing another WordPress backdoor that creates admin accounts. This new variant takes a different approach by hijacking […]

Shifting left at enterprise scale: how we manage Cloudflare with Infrastructure as Code

The Cloudflare platform is a critical system for Cloudflare itself. We are our own Customer Zero – using our products to secure and optimize our own services.  Within our security division, a dedicated Customer Zero team uses its unique position to provide a constant, high-fidelity feedback loop to product and engineering that drives continuous improvement […]

Python Workers redux: fast cold starts, packages, and a uv-first workflow

Last year we announced basic support for Python Workers, allowing Python developers to ship Python to region: Earth in a single command and take advantage of the Workers platform. Since then, we’ve been hard at work making the Python experience on Workers feel great. We’ve focused on bringing package support to the platform, a reality […]