It’s a cautionary tale for those coding the complex algorithms that go into automated mitigation.

Over 2,000 WordPress sites are infected as part of a keylogger campaign that leverages an old malicious script.

Cloudflare’s chief technology officer was frank and apologetic about February’s Cloudbleed bug during today’s Virus Bulletin 2017 keynote.

A large botnet of Android devices called WireX is responsible for large-scale application-layer DDoS attacks against businesses in the hospitality, porn and gambling industries.

Researchers have a devised a way to trick a web server into caching pages and exposing personal data to attackers.

Cloudflare and network operator Credo Mobile suffered a legal defeat when U.S. appeals court ruled to uphold a gag order on FBI surveillance data.

The news of the week is recapped, including the fallout around CloudBleed, the CloudPets breach, and a Slack token bug. The life of Howard Schmidt is also remembered.

Cloudflare said it could not find evidence of malicious exploitation of the Cloudbleed vulnerability, even though the bug was triggered 1.2 million times.

Mike Mimoso and Chris Brook recap RSA and discuss the news of the week including the impact of Cloudflare’s “Cloudbleed” bug, Google breaking SHA-1, and more.

Cloudflare has fixed an issue where its customer traffic was leaking memory that included sensitive information including authentication cookies, POST data and more.