ZeroPulse is a Command & Control (C2) platform focused on secure remote management using Cloudflare Tunnel technology. It's currently in active development and offers features like remote command execution, session management, and a modern user interface. Ideal for testing, production use should wait for a stable release.

Cloudflare has implemented new WAF rules to protect against a Remote Code Execution vulnerability affecting specific React versions and Next.js. All customers are automatically shielded as long as their traffic is routed through Cloudflare, but updating to React 19.2.1 and the latest Next.js versions is still recommended. Cloudflare's security team will monitor for potential attacks and adjust protections as needed.

This article explains how to use CloudFlare Workers for Conditional Access Payload Delivery (CAPD). It details the architecture, code implementation, and variations to enhance security and flexibility in delivering payloads while minimizing detection risks.

On December 5, 2025, Cloudflare experienced a significant outage lasting about 25 minutes due to a configuration change related to their Web Application Firewall. The issue arose from a bug triggered when turning off a testing tool, resulting in HTTP 500 errors for around 28% of customer traffic. Cloudflare is implementing measures to prevent similar incidents in the future.

This article discusses improvements to Cloudflare's Web Application Firewall (WAF) payload logging feature, which helps identify the specific request fields that trigger WAF rules. It highlights how recent updates increase logging efficiency and clarity, reducing false positives and enhancing debugging for customers.

This article details a new method for bypassing multi-factor authentication (MFA) protections by manipulating the authentication flow using Cloudflare Workers. The technique involves intercepting and altering server responses to downgrade secure authentication methods to phishable ones, exploiting vulnerabilities in implementation rather than cryptography.

This article reveals that 68% of phishing sites are hosted on Cloudflare, exploiting its free services for anonymity. It discusses how attackers are using sophisticated tactics, including Phishing-as-a-Service (PhaaS), to target users and evade detection, making traditional defenses inadequate.

This article discusses TokenFlare, a serverless framework for simulating phishing attacks on Entra ID and M365. It allows users to configure OAuth flows, deploy either locally or to Cloudflare, and includes built-in operational security features. The setup requires Python and Node.js, and it emphasizes authorized testing only.

Cloudflare faced a global outage due to a database permission update that caused 5xx errors across its services. The issue stemmed from a regression that led to duplicate data in the Bot Management system, overwhelming memory limits and crashing the service. Cloudflare has since restored service and is reviewing its systems to prevent similar issues.

Cloudflare addressed a flaw in its WAF that let attackers bypass security measures and access origin servers during ACME validation. The issue arose from a logic error that disabled WAF features for certain requests, potentially allowing unauthorized access. The company implemented a fix to ensure that WAF features remain active unless the request matches a valid ACME token.

Cloudflare introduces enterprise-grade features to enhance the performance and security of their services, making them accessible to all users, not just large organizations. These features include enhanced security protocols, improved performance metrics, and advanced analytics tools designed to optimize user experience and safeguard data. By democratizing these capabilities, Cloudflare aims to empower businesses of all sizes to leverage robust online tools effectively.

Cloudflare has announced that it will block AI web crawlers by default, a move aimed at protecting websites and their content from being scraped and misused by artificial intelligence systems. The decision comes amid growing concerns about the ethical implications of AI and the potential for misuse of web data. This change is part of Cloudflare's broader strategy to enhance web security and address the challenges posed by AI technologies.

A new malware strain has emerged that targets WordPress sites by mimicking Cloudflare's checkout pages, potentially deceiving users into entering sensitive information. This malware exploits vulnerabilities in e-commerce platforms, posing a significant risk to both site owners and customers. Website administrators are urged to enhance their security measures to prevent such attacks.

Cloudflare has introduced a new email service designed to enhance security and simplify email management for users. The service aims to protect users from spam and phishing attacks while providing a user-friendly experience with features such as custom domain support and email forwarding. This initiative reflects Cloudflare's commitment to improving digital communication safety and efficiency.

Cloudflare's blog discusses the resolution of a request smuggling vulnerability found in their Pingora proxy. This vulnerability could have allowed attackers to manipulate server requests, emphasizing the importance of proactive security measures in web infrastructure. The article details the steps taken to identify and patch the issue effectively.

The article discusses the implementation of automatic security measures for websites, highlighting how Cloudflare's technology ensures that users are protected without requiring manual intervention. It emphasizes the importance of securing web traffic and the benefits of using automated solutions to enhance online safety.

Cloudflare's blog post discusses a recently discovered vulnerability in HTTP/2, dubbed "madeyoureset," which could allow attackers to disrupt connections by causing server resets. The blog highlights the rapid mitigations implemented by Cloudflare to prevent potential exploitation of this vulnerability and emphasizes the importance of swift responses in maintaining web security.

The conversation with Cloudflare's Matthew Prince explores the future of the internet's business model, discussing the implications of privacy, security, and the evolution of online services. Prince emphasizes the importance of adapting to changing user expectations and the need for innovative approaches to sustain growth in the tech industry.

The Cloudflare Data Platform offers a comprehensive solution for managing and analyzing data across various environments, enabling users to efficiently collect, process, and visualize data to gain actionable insights. It integrates seamlessly with existing workflows and provides robust tools for data governance and security. This platform aims to empower organizations to harness the full potential of their data in a secure and scalable manner.

Microsoft and Cloudflare have collaborated to take down the Raccoon365 phishing service, which targeted Microsoft 365 users. This operation aimed to protect users from credential theft and enhance overall cybersecurity measures against such phishing threats. The dismantling of Raccoon365 marks a significant step in combating cybercrime related to phishing schemes.

The article discusses the process and implications of vulnerability disclosure concerning SSL for SaaS services using managed CNAME configurations. It highlights the importance of responsible disclosure practices and the steps taken by Cloudflare to address identified vulnerabilities, ensuring the security of their clients and the wider internet community.

A Firebase project was hit with over 100 million requests due to a security oversight, resulting in significant potential costs. The author emphasizes the importance of proper configuration, rate limiting, and security measures to prevent such incidents. The experience serves as a cautionary tale for developers to remain vigilant with their cloud services.

Cloudflare's blog discusses the launch of the Azul Certificate Transparency log, designed to enhance security by allowing for better tracking and monitoring of SSL/TLS certificates. The log aims to help organizations detect misissued certificates and improve overall internet trustworthiness. Additionally, it highlights the importance of transparency in digital certificate issuance.

The article discusses the introduction of a "code mode" feature on Cloudflare's platform, aimed at enhancing security and performance for developers working with code. This feature allows for more efficient handling of code snippets, optimizing them for web applications while maintaining a user-friendly interface.

Cloudflare has implemented enhanced security measures for its Workers platform by introducing a sandboxing model that restricts access to sensitive resources and mitigates potential threats. This security hardening ensures that code execution remains isolated, protecting both the platform and its users from various vulnerabilities. The article details the architecture and strategies employed to achieve this robust security posture.

The article discusses the discovery of cryptographic vulnerabilities in Cloudflare's CIRCL library, specifically regarding its FourQ elliptic curve implementation. These issues, related to insufficient validation of points during elliptic curve computations, could potentially allow attackers to exploit the system and derive secret keys. The vulnerabilities were reported and subsequently addressed by Cloudflare.

The article discusses how Cloudflare's client-side security, particularly its Page Shield feature, effectively mitigated the risks posed by a recent npm supply chain attack where malicious code was injected into popular JavaScript packages. The advanced machine learning algorithms employed by Cloudflare allowed for rapid detection and prevention of potential crypto theft, ensuring the safety of users' applications against such vulnerabilities.