tl;dr: There's no silver bullet for keeping secrets out of logs, but if we put several "lead bullets" in the right places, we have a good chance of success.
I love working in monolithic repositories. It fosters collaboration, code reuse, and knowledge sharing—some of my favorite aspects of engineering culture here. However, without guardrails, complexity can grow unchecked, making it harder to reason about the system as a whole. In early 2024, it was clear that our error handling strategies had fallen victim to this, and it was impacting the quality of our product.
It is a significant benefit that the world is connected the way it is, with the potential for even greater interconnectivity. However, this has come at huge costs, too, considering the rise in the direct involvement of state actors engaged in cyber warfare. Against this background, nations have a more acute awareness of digital vulnerabilities, which has radiated into regulatory frameworks concerning cross-border data compliance.
Thank you for following along with another Security Week at Cloudflare. We’re extremely proud of the work our team does to make the Internet safer and to help meet the challenge of emerging threats. As our CISO Grant Bourzikas outlined in his kickoff post this week, security teams are facing a landscape of rapidly increasing complexity introduced by vendor sprawl, an “AI Boom”, and an ever-growing surface area to protect.
On March 21st, 2025, the Next.js maintainers announced a new authorization bypass vulnerability – CVE-2025-29927. This vulnerability can be easily exploited to achieve authorization bypass. In some cases, exploitation of the vulnerability can also lead to cache poisoning and denial of service.
Discover a charge on your credit card that you don’t recognize. It could be from a card cloning event. Card cloning predominantly affects credit cards, but this phenomenon may also impact some payment platform cards (like those from PayPal or Zelle). In short, card cloning occurs when the card’s magnetic strip or chip is used in unauthorized transactions. Credit card cloning is a form of fraud, but it differs from others in its more nuanced elements.
As organizations strengthen endpoint and cloud security, attackers are shifting their focus to often-overlooked network infrastructure like routers, switches, and firewalls. Legacy vulnerability management (VM) solutions struggle to keep pace, relying on slow, periodic scans that fail to provide real-time visibility into emerging threats.
Last April, Microsoft Security Copilot taxied down the runway and took flight to help passengers onboard to reach new destinations in cyber defense. BlueVoyant, as a Microsoft Security Copilot pre-launch design advisory council member, was a trusty flight attendant that helped Security Copilot safely take off. Today, as Security Copilot has reached its cruising altitude, Microsoft announced Security Copilot agents that help its passengers to further optimize Microsoft Security tools usage.
Kubernetes has evolved into the industry standard for orchestrating containerized applications. In this article, we break down the architecture of a Kubernetes cluster using practical examples and code snippets. Whether you’re a beginner or an experienced engineer, you’ll gain clarity on the roles of control plane (historically “master”) and worker nodes, the nuances of multi-control-plane deployments, and updated OpenShift configurations.
On March 20, 2025, a Breach Forums user, “rose87168,” claimed to have stolen six million records from Oracle Cloud’s SSO and LDAP services and offered the data for sale or in exchange for zero-day exploits. Breach Forums is a known marketplace for cybercriminals to trade stolen data and exploits.