CyberSecurityBoard
Sponsor Register Login

Hackers Abuse Cloudflare Services for Sophisticated Phishing Attacks

The attacks, which began emerging in early 2025, leverage Cloudflare Workers and Pages to host malicious content that easily bypasses traditional security filters due to the trusted nature of Cloudflare’s infrastructure. Cybersecurity experts have identified a troubling new trend where threat actors are exploiting legitimate Cloudflare services to orchestrate highly convincing phishing campaigns. Hunt.io security researchers identified this campaign after observing a 43% increase in phishing incidents utilizing trusted cloud infrastructure over the past quarter. This technique allows attackers to maintain persistence while evading detection, as the phishing infrastructure leverages Cloudflare’s legitimate reputation and robust infrastructure to remain operational. Cyber Security News is a Dedicated News Platform For Cyber News, Cyber Attack News, Hacking News & Vulnerability Analysis. Traditional security solutions often whitelist Cloudflare resources, allowing malicious content to slip through defenses. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news. The attackers further enhance the deception by implementing precise replicas of legitimate login interfaces, complete with corporate branding and expected functionality that creates a seamless illusion of authenticity. The attackers deploy sophisticated JavaScript code within Cloudflare Workers that dynamically generates phishing pages tailored to each victim. The attack chain begins when victims receive seemingly legitimate emails containing links to what appear to be authentic login portals. These sophisticated campaigns primarily target financial institutions and technology companies, with victims reporting credential theft and subsequent unauthorized access to sensitive systems. Tushar is a Cyber security content editor with a passion for creating captivating and informative content. The widespread adoption of Cloudflare across legitimate business websites creates a perfect environment for these attacks to flourish.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 03 Apr 2025 11:20:15 +0000


Cyber News related to Hackers Abuse Cloudflare Services for Sophisticated Phishing Attacks

9 Best DDoS Protection Service Providers for 2024 - eSecurity Planet content and product recommendations are editorially independent. We may make money when you click on links to our partners. Learn More. One of the most powerful defenses an organization can employ against distributed ...
1 year ago Esecurityplanet.com
Cloudflare discloses breach related to stolen Okta data - Last fall, Cloudflare announced it mitigated an attempted cyberattack stemming from the infamous Okta breach. Cloudflare disclosed in a blog post that it had been breached by an unnamed nation-state threat actor using an access token and three ...
1 year ago Techtarget.com
Cloudflare Dashboard and APIs down after data center power outage - An ongoing Cloudflare outage has taken down many of its products, including the company's dashboard and related application programming interfaces customers use to manage and read service configurations. The complete list of services whose ...
1 year ago Bleepingcomputer.com
How to Arm Yourself With CloudFlare Security Solutions - Securing your website or digital asset is a critical part of running a successful business or website. With the rise of the digital era, the need to protect yourself from cyber-attacks is essential. That's why CloudFlare, the leading cloud solution ...
2 years ago Blog.cloudflare.com
Spear Phishing vs Phishing: What Are The Main Differences? - Almost half of them used phishing to obtain the passwords of users. Highly targeted phishing campaigns against specific individuals or types of individuals are known as spear phishing. It's important to be able to spot phishing in general. For ...
1 year ago Techrepublic.com
Hackers Abuse Cloudflare Services for Sophisticated Phishing Attacks - The attacks, which began emerging in early 2025, leverage Cloudflare Workers and Pages to host malicious content that easily bypasses traditional security filters due to the trusted nature of Cloudflare’s infrastructure. Cybersecurity experts ...
20 hours ago Cybersecuritynews.com
Polyfill.io, BootCDN, Bootcss, Staticfile attack traced to 1 operator - The recent large scale supply chain attack conducted via multiple CDNs, namely Polyfill.io, BootCDN, Bootcss, and Staticfile that affected anywhere from 100,000 to tens of millions of websites has been traced to a common operator, according to ...
9 months ago Bleepingcomputer.com
Combat Phishing Attacks With AI-Powered Threat Protection - According to statistics, 81% of organizations have seen an increase in phishing emails since 2020, with an estimated 3.4 billion emails sent every day. AI-generated phishing emails are a sophisticated and evolving cybersecurity threat. ...
1 year ago Gbhackers.com
Flipping the BEC funnel: Phishing in the age of GenAI - For years, phishing was just a numbers game: A malicious actor would slap together an extremely generic email and fire it out to thousands of recipients in the hope that a few might take the bait. Common among these new techniques was a shift towards ...
1 year ago Helpnetsecurity.com
What SOCs Need to Know About Water Dybbuk - According to the Federal Bureau of Investigation, BEC costs victims more money than ransomware, with an estimated US$2.4 billion being lost to BEC in the US in 2021. Recently, BEC scammers have been using stolen accounts from legitimate Simple Mail ...
2 years ago Trendmicro.com
Cloudflare publishes details of Thanksgiving security breach The Register - Cloudflare has just detailed how suspected government spies gained access to its internal Atlassian installation using credentials stolen via a security breach at Okta in October. In a write-up on Thursday, CEO Matthew Prince, CTO John ...
1 year ago Go.theregister.com
Phishing Campaign Exploits Open Redirection Vulnerability In 'Indeed.com' - Phishing remains one of the most prevalent challenges facing organisations, with more than three billion malicious emails estimated to be sent around the world every day. Owing to the prevalence of the problem, Verizon's 2023 Data Breach ...
1 year ago Cyberdefensemagazine.com
Cloudflare R2 service outage caused by password rotation error - The absence of safeguards and validation checks for high-impact actions led to the outage, prompting Cloudflare to plan and implement additional measures for improved account provisioning, stricter access control, and two-party approval processes for ...
1 week ago Bleepingcomputer.com
Cloudflare hacked using auth tokens stolen in Okta attack - Cloudflare disclosed today that its internal Atlassian server was breached by a 'nation state' attacker who accessed its Confluence wiki, Jira bug database, and Atlassian Bitbucket source code management system. The threat actor first gained access ...
1 year ago Bleepingcomputer.com
The Future of Phishing Email Training for Employees in Cybersecurity - One common method they use is through phishing emails. To counter this changing threat, companies must give importance to providing phishing email training for employees on identifying and responding properly to phishing attempts. Standard training ...
10 months ago Hackread.com
Vade Releases 2023 Phishers' Favorites Report - PRESS RELEASE. SAN FRANCISCO, Feb. 15, 2024 /PRNewswire/ - Vade, a global leader in threat detection and response with more than 1.4 billion mailboxes protected, today announced its annual Phishers' Favorites report for 2023. Phishers' Favorites ...
1 year ago Darkreading.com
USPS Delivery Phishing Scam Exploits SaaS Providers to Steal Data - A new USPS Delivery Phishing Scam has surfaced, in which scammers are exploiting Freemium Dynamic DNS and SaaS Providers to steal victims' login credentials and other data. Cybersecurity researchers at Bloster AI have uncovered a new USPS Delivery ...
1 year ago Hackread.com
One Phish, Two Phish, Red Phish, Blue Phish - I sat down for a chat with George Skouroupathis, our phishing expert at Resonance Security. Phishing is often the first step taken by hackers in a larger scam. There are lots of different kinds of phishing attacks, but one of the most prevalent is ...
10 months ago Hackread.com
Telegram is a Wide-Open Marketplace for Phishing Tools - The encrypted messaging app Telegram has become a veritable marketplace for bad actors who want to launch effective phishing campaigns on the cheap, essentially democratizing the cyberthreat, according to researchers at cybersecurity firm Guardio. ...
1 year ago Securityboulevard.com
Cloudflare Incident on January 24th, 2023 - An Overview - On January 24th, 2023, Cloudflare experienced an incident that impacted its customers globally. In this article, we will provide an overview analysis of the incident, its impacts on SEO, security, threats, etc. ...
2 years ago Blog.cloudflare.com
Cloudflare Unveils AI Labyrinth: A New Approach to Exhaust AI Crawlers - By turning AI against itself, Cloudflare has developed an innovative solution that protects website content and demonstrates its dedication to safeguarding original content creators from unauthorized data scraping. As AI-generated content continues ...
1 week ago Cybersecuritynews.com
"Quishing" you a Happy Holiday Season - QR Code phishing scams - What they are and how to avoid them. Originally invented to keep track of car parts in the early 90s, QR codes have been around for decades. Quishing, or QR Code phishing, exploits smartphone users scanning the 2D barcode, ...
1 year ago Netcraft.com
Cloudflare loses 22% of its domains in Freenom.tk shutdown - A staggering 12.6 million domains on TLDs controlled by Freenom have been shut down and no longer resolve, leading to a significant reduction in the number of websites hosted by Cloudflare. The disappearance of these websites was spotted during our ...
1 year ago Netcraft.com
As a SOC/DFIR Team Member, How To Investigate Phishing Kit Attacks - A critical methodology for investigating phishing kit attacks involves using Threat Intelligence (TI) Lookup tools like ANY.RUN’s platform, which aggregates data from millions of sandbox sessions to identify emerging threats. However, forensic ...
1 month ago Cybersecuritynews.com
Microsoft notifies UK customers affected by hackers abusing 'verified publisher' tag - Microsoft said it has notified customers impacted by a campaign that involved the abuse of the company's "Verified publisher" status to allow access to a victim's cloud environments. Accounts can gain verified publisher status when an app publisher ...
2 years ago Therecord.media

Latest Cyber News


Cyber Trends (last 7 days)


Trending Cyber News (last 7 days)