An exposed apt signing key and how to improve apt security
12/15/2021
Recently, we received a bug bounty report regarding the GPG signing key used for pkg.cloudflareclient.com, the Linux package repository for our Cloudflare WARP products....
How Cloudflare security responded to Log4j 2 vulnerability
12/10/2021
Yesterday, December 9, 2021, when a serious vulnerability in the popular Java-based logging package log4j was publicly disclosed, our security teams jumped into action to help respond to the first question and answer the second question. This post explores the second....
Cloudflare's Handling of an RCE Vulnerability in cdnjs
07/24/2021
Recently, a RCE vulnerability in the way cdnjs’ backend is automatically keeping web resources up to date has been disclosed. Read about how Cloudflare handled the security incident and what will prevent similar exploits in the future....
