Jeff JohnsonMar 18, 2025

The real story here is that Cloudflare is admitting to be a MITM attacker who is reading all of your private data going over the web.

https://blog.cloudflare.com/password-reuse-rampant-half-user-logins-compromised/

Password reuse is rampant: nearly half of observed user logins are compromised

Nearly half of observed login attempts across websites protected by Cloudflare involved leaked credentials. The pervasive issue of password reuse is enabling automated bot attacks and account takeovers on a massive scale.

The Cloudflare Blog
Show threadEspen
@lapcatsoftware I don't understand how web-apps using Cloudflare are GDPR-compliant. This MITM-stuff, same for certs, is exactly why I didn't consider migrating to services such as Render which rely on Cloudflare for DNS.
Mar 18, 2025 at 1:12pmWeb