Wednesday, November 19, 2025

Cloudflare blames this week's massive outage on database issues | Bleeping Computer

On Tuesday, Cloudflare experienced its worst outage in 6 years, blocking access to many websites and online platforms for almost 6 hours after a change to database access controls triggered a cascading failure across its Global Network.

The company's Global Network is a distributed infrastructure of servers and data centers across more than 120 countries, providing content delivery, security, and performance optimization services and connecting Cloudflare to over 13,000 networks, including every major ISP, cloud provider, and enterprise worldwide.


By Sergiu Gatlan
November 19, 2025 05:54 AM
 
Matthew Prince, the company's CEO, said in a post-mortem published after the outage was mitigated that the service disruptions were not caused by a cyberattack. 

This database query returned duplicate column metadata after permissions changes, doubling the feature file from approximately 60 features to over 200, exceeding the system's hardcoded 200-feature limit designed to prevent unbounded memory consumption.

5xx error HTTP status codes during outage (Cloudflare)

Every five minutes, a query generated either correct or faulty configuration files, depending on which cluster nodes had been updated, causing the network to fluctuate between working and failing states.

Additionally, when the oversized file propagated across network machines, the Bot Management module's Rust code triggered a system panic and 5xx errors, crashing the core proxy system that handles traffic processing.

Core traffic returned to normal by 14:30 UTC after Cloudflare engineers identified the root cause and replaced the problematic file with an earlier version. All systems were fully operational by 17:06 UTC. The outage affected Cloudflare's core CDN and security services, Turnstile, Workers KV, dashboard access, email security, and access authentication.
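
The failure mode described above, as an added example that is not Cloudflare's code: a Rust loader that treats an oversized feature file as a recoverable error and keeps serving the last validated set instead of panicking. The 200-feature limit comes from the article; the one-name-per-line file format, the deduplication step, and every identifier are assumptions made for illustration.

```rust
use std::collections::HashSet;

// Limit taken from the article; file format and all names below are assumed.
const MAX_FEATURES: usize = 200;

#[derive(Debug, PartialEq)]
enum LoadError { Empty, TooManyFeatures { got: usize, limit: usize } }

// Parse one feature name per line (assumed format), collapse duplicate rows,
// and report an oversized file as an error value instead of panicking.
fn parse_features(raw: &str) -> Result<Vec<String>, LoadError> {
    let mut seen = HashSet::new();
    let mut features = Vec::new();
    for name in raw.lines().map(str::trim).filter(|l| !l.is_empty()) {
        if seen.insert(name) { features.push(name.to_string()); }
    }
    if features.is_empty() { return Err(LoadError::Empty); }
    if features.len() > MAX_FEATURES {
        return Err(LoadError::TooManyFeatures { got: features.len(), limit: MAX_FEATURES });
    }
    Ok(features)
}

// Holds the last feature set that passed validation.
struct FeatureStore { active: Vec<String>, rejected: u64 }

impl FeatureStore {
    // Swap in a new file only if it validates; on error keep the previous set.
    fn reload(&mut self, raw: &str) -> Result<usize, LoadError> {
        match parse_features(raw) {
            Ok(f) => { self.active = f; Ok(self.active.len()) }
            Err(e) => { self.rejected += 1; Err(e) }
        }
    }
}

// Constructed sample input: n distinct placeholder feature names.
fn sample(n: usize) -> String {
    (0..n).map(|i| format!("feature_{}\n", i)).collect()
}

fn main() {
    let mut store = FeatureStore { active: Vec::new(), rejected: 0 };
    println!("{:?}", store.reload(&sample(60)));
    println!("{:?}", store.reload(&sample(250)));
    println!("still serving {} features, {} file(s) rejected", store.active.len(), store.rejected);
}
```

The `rejected` counter is the hook for alerting: a file that fails validation should page an operator while traffic keeps flowing on the previous set.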

"We are sorry for the impact to our customers and to the Internet in general. Given Cloudflare's importance in the Internet ecosystem any outage of any of our systems is unacceptable," Prince added.

"Today was Cloudflare's worst outage since 2019. We've had outages that have made our dashboard unavailable. Some that have caused newer features to not be available for a period of time. But in the last 6+ years we've not had another outage that has caused the majority of core traffic to stop flowing through our network."
 
 
