I know it will be a shock to all of you that malicious actors are using Cloudflare services to delay detection in order to victimize more targets. New research brief from us yesterday!

https://dti.domaintools.com/securitysnacks/securitysnack-cloudflare-anti-security-for-phishing

DomainTools Investigations | SecuritySnack - CloudFlare Anti-Security For Phishing

A Microsoft 365 credential harvesting campaign is exploiting Cloudflare's anti-bot and human verification features to evade detection. Learn how attackers use IP blocklists, user-agent filtering, and obfuscated scripts to bypass security scanners—and what it means for the industry.