¡Hola, Ecuador! Quito Data Center expands Cloudflare network to 104 cities across 52 countries

CC-BY 2.0 image by Scipio Located only 15 miles from the Equator, we are excited to announce Cloudflare’s newest data center in the World Heritage City of Quito, Ecuador. This deployment is made possible in partnership with the NAP.EC Internet exchange run by AEPROVI (Asociación de empresas proveedoras de servicios de internet). Our newest data More Info »

Malicious Subdirectories Strike Again

In a previous post, we illustrated how attackers were fetching information from compromised sites under their control to display spam content on other hacked websites. By adding malicious files into a directory and using the victim’s database structure, attackers were able to inject ads and promote their products. This time, attackers used a similar technique More Info »

Stored XSS in WordPress Core

As you might remember, we recently blogged about a critical Content Injection Vulnerability in WordPress which allowed attackers to deface vulnerable websites. While our original disclosure only described one vulnerability, we actually reported two to the WordPress team. As it turns out, it was possible to leverage the content injection issue to achieve a stored cross-site scripting attack. This issue More Info »

SF9 Realex Magento Module Targeted by Credit Card Scrapers

Attackers are constantly developing new techniques to compromise ecommerce websites and steal sensitive data. Over the last several weeks, we tracked massive attacks against Magento sites where attackers are injecting malicious scripts that create functions designed to steal credit card information. This technique is not restricted to Magento core files. These days, attackers are trying More Info »

Bank Phishing Incident Analysis

Everyone has received a phishing scam via email at one point or another. Thanks to modern anti-spam technology, most of these messages are blocked from ever reaching our inboxes. I said most of them. Today I got one that was able to get through the bouncer: The subject (in Brazilian Portuguese and poorly crafted) translates More Info »

Cloudflare at Google NEXT 2017

The Cloudflare team is headed down the street to Google NEXT 2017 from March 8th – 10th at Moscone Center booth C7 in San Francisco, CA. We’re excited to meet with existing partners, customers, and new friends! Come learn about Cloudflare’s recent partnership with Google Cloud Platform (CGP) through their CDN Interconnect Program. Cloudflare offers More Info »