
Cloudforce One
@Cloudforce_One
The official threat intelligence account for @Cloudflare. Follow for threat research, incident assessments, WAF rule updates for emerging threats, and more.
Global
Joined July 2022
Cloudflare Security Research Analysts: New WAF rule deployed! CVE-2025-59340 (JinJava) → RCE, full server compromise, potential lateral movement Read more about the full ruleset update:
developers.cloudflare.com
Cloudflare WAF managed rulesets 2025-10-13 release
Today, we're announcing new incident response and advisory services. Our experts provide on-demand support to help organizations prepare for and recover from security crises.
blog.cloudflare.com
We're launching Cloudforce One REACT, a team of expert security responders designed to eliminate the gap between perimeter defense and internal incident response. The team brings unmatched threat...
Our new protection stopped 1M attacks in the last 24 hours.
→ Predictable multipart boundary — HTTP Parameter Pollution (CVE-2025-7783) Read more about the full ruleset update: https://t.co/BSVnO4Rj1t
developers.cloudflare.com
Cloudflare WAF managed rulesets 2025-10-06 release
Cloudflare has deployed new WAF protections - including an emergency rule for Oracle E-Business Suite RCE (CVE-2025-61882), which can lead to full system compromise. Also covered: → Chaos Mesh unauthenticated in-cluster RCE (CVE-2025-59358/59359/59360/59361)
Read more about the full ruleset update: https://t.co/KxmH2Xk5f7
developers.cloudflare.com
Cloudflare WAF managed rulesets 2025-09-29 release
Cloudflare has rolled out new WAF rules to protect against:
-> SimpleHelp Auth Bypass (CVE-2024-57727)
-> Flowise Cloud Info Disclosure (CVE-2025-58434)
-> WordPress Ditty Plugin SSRF (CVE-2025-8085)
-> Vite Directory Traversal (CVE-2025-30208)
CVE-2025-20333 (9.9): Auth attacker → RCE → full takeover
CVE-2025-20362 (6.7): Unauth attacker → VPN exposure
CVE-2025-20363 (9.0): Critical RCE → malware, persistence, exfiltration
CVE-2025-20333, CVE-2025-20362 and CVE-2025-20363 could be under active exploitation. Patch immediately. Cloudflare is actively monitoring and researching the CVEs, but in the meantime we deployed 2 aggressive rules (default off) for those who want to block access altogether.
GoAnywhere MFT (CVE-2025-10035): Exploitation enables attackers to escalate privileges or achieve RCE via command injection. Read more about the full ruleset update: https://t.co/tKbwOSwiHw
developers.cloudflare.com
Cloudflare WAF managed rulesets 2025-09-24 emergency release
From Cloudflare Security Research Analysts: Cloudflare has released a new WAF rule to address the following CVE and strengthen customer protection:
Skyvern (CVE-2025-49619): Server-Side Template Injection (SSTI) → could lead to remote code execution. Adobe Commerce (CVE-2025-54236): Remote Code Execution (RCE) → could allow takeover of e-commerce platforms. Read more about the full ruleset update:
developers.cloudflare.com
Cloudflare WAF managed rulesets 2025-09-22 release
Cloudflare has released new WAF rules addressing the following CVEs to enhance customer protection. Azure Networking (CVE-2025-54914): Elevation of Privilege → could allow full compromise of networking components.
UPDATE: Earlier today, the threat actor posted to their Telegram channel that they recovered their service. After we became aware of this, we took additional action against the threat actor. We continue to work hand in hand with @MicrosoftDCU.
In partnership with Microsoft and law enforcement, we've disrupted RaccoonO365 — a sophisticated Phishing-as-a-Service enterprise targeting Microsoft credentials. Our new report outlines the coordinated action and technical details. Learn more: https://t.co/CybSJP7oXV
Sitecore (CVE-2025-53694): A sensitive information disclosure → Unauthorized access to sensitive information Read more about the full ruleset update: https://t.co/xfZsRkod6I
developers.cloudflare.com
Cloudflare WAF managed rulesets 2025-09-15 release
Argo CD (CVE-2025-55190): Exposure of Sensitive Information → Could access sensitive credential information. DataEase (CVE-2025-57773): Unvalidated Input → JNDI Injection & Deserialization RCE
From Cloudflare Security Research Analysts: Cloudflare has released new WAF rules to address the following CVEs and strengthen customer protection:
🚨 Cloudflare Security Research Analysts have investigated the compromise to popular npm packages maintained by developer ~qix. We found no trace of impact to our enterprise Page Shield customers so far. Detection has since been deployed to score future matches as Malware.
- WordPress Plugin 'InfiniteWP Client' (CVE-2020-8772): Critical Authentication Bypass. Read more about the full ruleset update: https://t.co/QJPu8zbHzG
developers.cloudflare.com
Cloudflare WAF managed rulesets 2025-09-08 release