cdn – WindowsTechs.com

Vulnerability scanner for CDN scripts [closed]

Posted on September 21, 2024 by mjhouseman

I’m looking for a vulnerability scanner (SAST, SCA, or other) that flags in-code CDN scripts where the script is referencing a vulnerable package (ex. jQuery 1.9 is susceptible to XSS). Typically, SCA scans find vulnerable 3rd party packag… Continue reading Vulnerability scanner for CDN scripts [closed]→

Trojanized jQuery Infiltrates npm, GitHub, and CDNs: Thousands of Packages at Risk

Posted on July 9, 2024 by Deeba Ahmed

Phylum uncovers large-scale trojanized jQuery attacks targeting npm, GitHub, and CDNs. Malicious actors steal user form data through… Continue reading Trojanized jQuery Infiltrates npm, GitHub, and CDNs: Thousands of Packages at Risk→

Is polyfill.io still an immediate threat?

Posted on June 27, 2024 by telion

Polyfill.io is malicious: https://dev.to/snyk/polyfill-supply-chain-attack-embeds-malware-in-javascript-cdn-assets-55d6
https://www.sonatype.com/blog/polyfill.io-supply-chain-attack-hits-100000-websites-all-you-need-to-know
However, I noti… Continue reading Is polyfill.io still an immediate threat?→

3rd-Party CDN SSL Inspection for Financial/Banking API Traffics

Posted on May 12, 2024 by bboy

We have 3rd-Party CDN in front of Financial/Banking APIs which involves sensitive data, login, access token, cookies, etc.
We would like to leverage WAF and SSL Inspection capability of CDN. This requires SSL Offloading at CDN.
How to avoi… Continue reading 3rd-Party CDN SSL Inspection for Financial/Banking API Traffics→

Why can’t we encrypt twice instead of having Cloudflare MITM half the internet?

Posted on January 19, 2024 by Henrik F

First of all I want to address a thought I had which is that they might market their ability to read the encrypted code being sent so they can spot "bots" and such, and that this is why they need to be able to decrypt the communi… Continue reading Why can’t we encrypt twice instead of having Cloudflare MITM half the internet?→

Fleek Network Releases New Whitepaper for Decentralized Edge Platform

Posted on July 31, 2023 by Owais Sultan

By Owais Sultan
Brooklyn, New York, 31 July 2023 – Fleek Network has released a new whitepaper describing the decentralized edge…
This is a post from HackRead.com Read the original post: Fleek Network Releases New Whitepaper for Decentralized Edg… Continue reading Fleek Network Releases New Whitepaper for Decentralized Edge Platform→

Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks

Posted on July 21, 2023 by Habiba Rashid

By Habiba Rashid
In the interconnected world of web development, open-source components play a vital role, facilitating collaboration and code sharing…
This is a post from HackRead.com Read the original post: Global CDN Service ‘jsdelivr&#8… Continue reading Global CDN Service ‘jsdelivr’ Exposed Users to Phishing Attacks→

Is this web cache poisoning attempt correct?

Posted on April 27, 2023 by wrieed

So i’ve been trying to learn cache poisoning for a while and today i thought i finally found a vulnerable instance. Everything seems to be working even tho it doesn’t. Like, 416 response is cached, age is 64. But when i visit it on the bro… Continue reading Is this web cache poisoning attempt correct?→

Content Delivery Network (CDN) FAQs

Posted on February 2, 2023 by Owais Sultan

By Owais Sultan
What is a CDN? How can businesses benefit from a CDN? and What to look for in a CDN provider?
This is a post from HackRead.com Read the original post: Content Delivery Network (CDN) FAQs
Continue reading Content Delivery Network (CDN) FAQs→

Bypass network security filters with CDN

Posted on December 26, 2022 by user32725

I read about Domain Fronting technique, it bypasses network security filters but requires a relatively complex configuration (having evil.com pointing to a.cdn.net, and good.com pointing to b.cdn.net, then we send a request to good.com whi… Continue reading Bypass network security filters with CDN→