top | item 38496489

(no title)

philprx | 2 years ago

Well they certainly can’t feel good about not detecting egress DDoS from their customer usage.

It could be VPN originating or maybe Worker originating maybe?

Don’t they have a security.txt and security@ email address?

Looks like posting to social media the full analysis of the attack is the sensible thing to do.

discuss

cpncrunch|2 years ago

>Don’t they have a security.txt

Yes, but it just covers bug bounties and also links to the abuse page (which only accepts websites hosted on cloudflare).