Cloudflare
Critical Next.js auth bypass vulnerability opens web apps to compromise (CVE-2025-29927)
A critical vulnerability (CVE-2025-29927) in the open source Next.js framework can be exploited by attackers to bypass authorization checks and gain unauthorized access to web …
New infosec products of the week: March 21, 2025
Here’s a look at the most interesting products from the past week, featuring releases from 1Kosmos, Cloudflare, Cytex, Keysight Technologies, and TXOne Networks. Keysight AI …
Cloudforce One threat events platform provides a real-time view of threat activity
Cloudflare launched the Cloudforce One threat events platform to provide real-time intelligence on cyberattacks occurring across the Internet. Based on telemetry from …
Cloudflare boosts defenses against future quantum threats
Cloudflare announced that it is expanding end-to-end support for post-quantum cryptography to its Zero Trust Network Access solution. Available immediately, organizations can …
API security blind spots put businesses at risk
Many customer-facing APIs remain unprotected, leaving businesses vulnerable to breaches. To address these threats, a comprehensive approach to API security, covering every …
Cloudflare helps secure popular messaging applications
Cloudflare announced a new service to verify the integrity of public keys in the end-to-end encryption of popular messaging applications. When using end-to-end encryption …
Cloudflare AI Audit helps websites control how their content is used by AI models
Cloudflare announced AI Audit, a set of tools to help websites of any size analyze and control how their content is used by AI models. For the first time, website and content …
Common API security issues: From exposed secrets to unauthorized access
Despite their role in connecting applications and driving innovation, APIs often suffer from serious security vulnerabilities. Recent investigations reveal that many …
Organizations use outdated approaches to secure APIs
Security teams are struggling to keep pace with the risks posed by organizations’ dependency on modern applications—the technology that underpins all of today’s most used …
Cloudflare for Unified Risk Posture identifies cyber threats
Cloudflare announced Cloudflare for Unified Risk Posture, a new suite of risk management solutions designed to streamline the process of identifying, evaluating, and managing …
New SOHO router malware aims for cloud accounts, internal company resources
Cuttlefish, a new malware family that targets enterprise-grade small office/home office (SOHO) routers, is used by criminals to steal account credentials / secrets for AWS, …
GISEC Global 2024 video walkthrough
In this Help Net Security video, we take you inside GISEC Global, which is taking place from April 23 to April 25, 2024, at the Dubai World Trade Centre. The video features …