Security Articles

Google Threat Intelligence Group (GTIG) identified "Coruna," a powerful iOS exploit kit targeting iPhones running iOS 13.0 through 17.2.1, containing 23 exploits across five full exploit chains.

Threat Intelligence

Cloudflare

61 min read

Security•2026-03-03

Introducing the 2026 Cloudflare Threat Report

Cloudflare's 2026 Threat Report details a shift from brute-force attacks to high-trust exploitation, measured by attacker Measure of Effectiveness (MOE).

See risk, fix risk: introducing Remediation in Cloudflare CASB

Cloudflare CASB introduces Remediation, allowing customers to fix risky file-sharing configurations directly from the Cloudflare One dashboard without switching to each app's admin UI.

How Cloudy translates complex security into human action

This post explains how Cloudflare's LLM-powered 'Cloudy' layer translates complex ML security signals into clear, actionable human-readable guidance within Cloudflare One.

From reactive to proactive: closing the phishing gap with LLMs

Cloudflare describes how integrating LLMs into their email security pipeline shifts phishing detection from reactive to proactive by mapping the threat landscape at scale.

The truly programmable SASE platform

Cloudflare explains what true programmability means for their SASE platform, Cloudflare One, and how it enables real-time custom logic within security policies.

Beyond the blank slate: how Cloudflare accelerates your Zero Trust journey

Cloudflare introduces Project Helix, an automated tool that configures its Cloudflare One SASE platform with best-practice Zero Trust policies in minutes instead of weeks.

Modernizing with agile SASE: a Cloudflare One blog takeover

This post introduces Cloudflare One as an "agile SASE" platform designed to modernize corporate network security for the AI era.

Everything as code for your security lifecycle

This post explains the 'everything as code' approach to securing cloud infrastructure at scale, using HashiCorp tools.

Cloudflare

31 min read

Security•2026-02-27

Toxic combinations: when small signals add up to a security incident

This post explains how Cloudflare identifies "toxic combinations" — converging minor signals that together indicate a security breach in progress.

Bringing more transparency to post-quantum usage, encrypted messaging, and routing security

Cloudflare introduces new security transparency tools on Radar covering post-quantum encryption, Key Transparency for E2EE messaging, and BGP routing security.

ASPA: making Internet routing more secure

This post introduces ASPA (Autonomous System Provider Authorization), a new cryptographic standard built on RPKI to validate BGP routing paths and prevent route leaks.