Cloudflare protects against critical SharePoint vulnerability, CVE-2025-53770
2025-07-22
Microsoft disclosed two critical vulnerabilities, CVE-2025-53771 and CVE-2025-53770, that are exploited to attack SharePoint servers....
Continue reading »
Cloudflare named a leader in Web Application Firewall Solutions in 2025 Forrester report
2025-03-20
Forrester Research has recognized Cloudflare as a Leader in its The Forrester Wave™: Web Application Firewall Solutions, Q1 2025 report....
Introducing Cloudy, Cloudflare’s AI agent for simplifying complex configurations
2025-03-20
Workers AICloudflare WorkersDeveloper PlatformDevelopersLLMWAFCloudflare OneZero TrustCloudflare Zero TrustSASESecure Web GatewayBetaNetwork Services
Cloudflare’s first AI agent, Cloudy, helps make complicated configurations easy to understand for Cloudflare administrators....
Making Application Security simple with a new unified dashboard experience
2025-03-20
We’re introducing a new Application Security experience in the Cloudflare dashboard, with a reworked UI organized by use cases, making it easier for customers to navigate and secure their accounts....
Resolving a Mutual TLS session resumption vulnerability
2025-02-07
Cloudflare patched a Mutual TLS (mTLS) vulnerability (CVE-2025-23419) reported via its Bug Bounty Program. The flaw in session resumption allowed client certificates to authenticate across different...
MORE POSTS
August 12, 2024 2:00 PM
Advancing Threat Intelligence: JA4 fingerprints and inter-request signals
Explore how Cloudflare's JA4 fingerprinting and inter-request signals provide robust and scalable insights for advanced web security and threat detection. ...
- By
July 25, 2024 1:00 PM
Making WAF ML models go brrr: saving decades of processing time
In this post, we discuss performance optimizations we've implemented for our WAF ML product. We'll guide you through code examples, benchmarks, and we'll share the impressive latency reduction numbers...
- By
July 11, 2024 5:00 PM
Application Security report: 2024 update
Cloudflare’s updated 2024 view on Internet cyber security trends spanning global traffic insights, bot traffic insights, API traffic insights, and client-side risks...
- By
March 07, 2024 2:00 PM
General availability for WAF Content Scanning for file malware protection
Announcing the General Availability of WAF Content Scanning, protecting your web applications and APIs from malware by scanning files in-transit...
- By
March 04, 2024 2:02 PM
Cloudflare announces Firewall for AI
Cloudflare is one of the first providers to safeguard LLM models and users in the era of AI...
- By
March 04, 2024 2:00 PM
Cloudflare launches AI Assistant for Security Analytics
Introducing AI Assistant for Security Analytics. Now it is easier than ever to get powerful insights about your web security. Use the new integrated natural language query interface to explore Security Analytics...
- By
January 23, 2024 2:00 PM
How Cloudflare’s AI WAF proactively detected the Ivanti Connect Secure critical zero-day vulnerability
The issuance of Emergency Rules by Cloudflare on January 17, 2024, helped give customers a big advantage in dealing with these threats...
- By
November 15, 2023 2:00 PM
Introducing hostname and ASN lists to simplify WAF rule creation
Today we are expanding Custom Lists by enabling you to create lists of hostnames and ASNs...
- By
October 04, 2023 4:03 PM
All Cloudflare customers protected from the Atlassian Confluence CVE-2023-22515
On 2023-10-04 at 13:00 UTC, Atlassian released details of the zero-day vulnerability described as “Privilege Escalation Vulnerability in Confluence Data Center and Server” (CVE-2023-22515), a zero-day vulnerability impacting Confluence Server and Data Center products...
- By
September 29, 2023 1:00 PM
Detecting zero-days before zero-day
In this blog post we talk about our approach and ongoing research into detecting novel web attack vectors in our WAF before they are seen by a security researcher....
- By
September 19, 2023 1:00 PM
New! Rate Limiting analytics and throttling
Cloudflare Analytics can now suggest rate limiting threshold based on historic traffic patterns. Rate Limiting also supports a throttle behavior...
- By
August 21, 2023 2:15 PM
Application Security Report: Q2 2023
We are back with a quarterly update of our Application Security report. Read on to learn about new attack trends and insights visible from Cloudflare’s global network...
- By
August 04, 2023 6:29 PM
Unmasking the top exploited vulnerabilities of 2022
The Cybersecurity and Infrastructure Security Agency (CISA) just released a report highlighting the most commonly exploited vulnerabilities of 2022. ...
- By
March 15, 2023 1:00 PM
Announcing WAF Attack Score Lite and Security Analytics for business customers
We are making the machine learning empowered WAF and Security analytics view available to our Business plan customers, to help detect and stop attacks before they are known...
- By
March 14, 2023 1:00 PM
The state of application security in 2023
One year ago we published our first Application Security Report. For Security Week 2023, we are providing updated insights and trends around mitigated traffic, bot and API traffic, and account takeover attacks....
- By