On March 19th, Richard Hicks, one of our customers, emailed us about a certificate that had renewed after only a week. It was a 90-day certificate and he had not initiated the renewal. That’s the kind of thing that sends you straight to the logs. We found the answer right away. The certificate’s ARI renewal window had been shortened dramatically.

Client-side skimming attacks have a boring superpower: they can steal data without breaking anything. The page still loads. Checkout still completes. All it needs is just one malicious script tag. If that sounds abstract, here are two recent examples of such skimming attacks: To further our goal of building a better Internet, Cloudflare established a core tenet during our Birthday Week 2025: powerful security features should be accessible without requiring a sales engagement.

An employee receives what looks like a routine email. Maybe it’s a shared document link, a shipment update, or a tool they already use. Nothing feels off. They click. Within seconds, a malicious script runs in the background. No warning. No alert. And the firewall? It didn’t block it. This isn’t an edge case. It’s how many modern attacks actually begin. Not by breaking in, but by being let in. Traditional network defenses were built to block external threats at the perimeter.

RSAC remains the cybersecurity event. It is where the industry gathers to compare notes, pressure-test assumptions, spot the next wave of market change and, just as importantly, build the partnerships that will shape what comes next. This year in San Francisco, that energy was unmistakable. There was real buzz across the city, from the show floor and executive meetings to the side events and industry gatherings that increasingly define RSAC week.

Navigating the labyrinth of the U.S. federal procurement system, especially for Defense Industrial Base (DIB) companies, can be challenging, particularly when trying to meet stringent cybersecurity compliance standards like the Cybersecurity Maturity Model Certification (CMMC).

In the previous posts, we took a look at setting up VMkernel networks, including storage and vMotion. Now, we discuss configuring ESXi networks for the VMs themselves. VM networks provide connectivity of the VMs to the production network. Let’s walk through how these are configured. NAKIVO for VMware vSphere Backup Complete data protection for VMware vSphere VMs and instant recovery options. Secure backup targets onsite, offsite and in the cloud. Anti-ransomware features. DISCOVER SOLUTION.

On March 31, 2026, two malicious versions of axios, the enormously popular JavaScript HTTP client with over 100 million weekly downloads, were briefly published to npm via a compromised maintainer account. The packages contained a hidden dependency that deployed a cross-platform remote access trojan (RAT) to any machine that ran npm install (or equivalent in other package managers like Bun) during a two-hour window. The malicious versions (1.14.1 and 0.30.4) were removed from npm by 03:29 UTC.