ALL POSTS

Key Findings Push Security identified a new AITM phishing campaign targeting TikTok for Business accounts to hijack them for malvertising and fraud Attackers use fake TikTok and Google-themed pages with Cloudflare Turnstile bot protection to bypass security scanners Newly registered domains are created rapidly and hosted behind Cloudflare, making them difficult to track Compromised accounts are used for malvertising, credential theft, malware distribution, and ad fraud Many u

Key Findings * Attackers are exploiting Cloudflare's human verification system to hide phishing pages * Custom virtual machine function used to obfuscate malicious code * Targets Microsoft 365 login credentials * Employs sophisticated evasion techniques against security scanners * Uses location-based filtering to block security researchers Background Cybercriminals have developed an innovative method of hiding phishing websites by leveraging Cloudflare's Turnstile verificatio

Key Findings The AISURU/Kimwolf botnet hit a record-breaking 31.4 Tbps DDoS attack that lasted just 35 seconds in November 2025. Cloudflare automatically detected and blocked the attack as part of a surge in hyper-volumetric HTTP DDoS attacks observed in late 2025. The number and size of DDoS attacks increased significantly in 2025, with a 40% rise in hyper-volumetric attacks in Q4 2025 compared to the previous quarter. The largest attacks targeted Cloudflare customers in the

Key Findings The Aisuru/Kimwolf botnet launched a record-setting DDoS attack that peaked at 31.4 Tbps and 200 million requests per second. The attack was part of a broader campaign targeting multiple organizations, primarily in the telecommunications and IT sectors. Cloudflare automatically detected and mitigated the attack, which they dubbed "The Night Before Christmas" due to its timing in late December 2025. The Aisuru/Kimwolf botnet is a large-scale network of malware-inf

Key Findings Cloudflare mitigated the largest ever distributed denial-of-service (DDoS) attack, measuring 29.7 terabits per second (Tbps) The attack originated from the AISURU DDoS botnet-for-hire, which has been linked to numerous high-volume DDoS attacks over the past year The 69-second attack did not disclose the target, but AISURU has targeted telecommunication providers, gaming companies, hosting providers, and financial services AISURU is believed to be powered by a mas

Key Findings: Cloudflare, a major web infrastructure company that handles an estimated 20% of global web traffic, experienced a service disruption on November 18, 2025. The disruption caused errors and inaccessibility for a wide range of websites and online services, including Hackread.com, Canva, Uber, IKEA, Shopify, League of Legends, DoorDash, Discord, Patreon, Medium, Crunchyroll, GitLab, Udemy, and popular AI tools like ChatGPT. The root cause was a latent bug triggered