An exposed apt signing key and how to improve apt security
2021-12-15
Recently, we received a bug bounty report regarding the GPG signing key used for pkg.cloudflareclient.com, the Linux package repository for our Cloudflare WARP products....
How Cloudflare security responded to Log4j 2 vulnerability
2021-12-10
Yesterday, December 9, 2021, when a serious vulnerability in the popular Java-based logging package log4j was publicly disclosed, our security teams jumped into action to help respond to the first question and answer the second question. This post explores the second....
Cloudflare's Handling of an RCE Vulnerability in cdnjs
2021-07-24
Recently, a RCE vulnerability in the way cdnjs’ backend is automatically keeping web resources up to date has been disclosed. Read about how Cloudflare handled the security incident and what will prevent similar exploits in the future....
