U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|U.S. CISA adds a Microsoft SharePoint Server flaw to its Known Exploited Vulnerabilities catalog|430,000 FortiGate Devices Exposed in FortiBleed Ransomware Link|Adobe fixed multiple maximum-severity flaws in ColdFusion and Campaign Classic|Alleged Scattered Spider Hacker Extradited to U.S. to Face Cybercrime Charges|Oracle E-Business Suite Flaw Under Active Attack, 950 Systems Exposed|Azure CLI Targeted in LSHIY Password Spray Campaign Across 64 Orgs|CISA Warns BlueHammer Flaw Is Now Exploited in Ransomware Attacks|RustDuck: The Botnet That’s Still Small but Engineering Like It Plans to Grow|GuardFall Flaw Hits 10 of 11 Popular Open-Source AI Agents|XSS.is, The Forum That Ran the Ransomware Supply Chain Is Down. The Market Isn’t|U.S. CISA adds SimpleHelp flaw to its Known Exploited Vulnerabilities catalog|Hackers Steal Data of 4.38 Million Aflac Japan Customers|
Advertisement

Ad Placeholder

Full Width × 90

Breaking News

Cloudflare blocked a record 11.5 Tbps DDoS attack

Cloudflare blocked a record 11.5 Tbps DDoS attack, a UDP flood from Google Cloud, part of weeks-long assault waves. Cloudflare announced on X that it had blocked the largest ever DDoS attack, peaking at 11.5 Tbps. The UDP flood, mainly from Google Cloud, was part of a wave of attacks that lasted several weeks. Cloudflare […]

DDoS

Cloudflare blocked a record 11.5 Tbps DDoS attack, a UDP flood from Google Cloud, part of weeks-long assault waves.

Cloudflare announced on X that it had blocked the largest ever DDoS attack, peaking at 11.5 Tbps. The UDP flood, mainly from Google Cloud, was part of a wave of attacks that lasted several weeks.

Cloudflare said it had blocked hundreds of massive DDoS attacks in weeks, the record-breaking attack was a UDP flood that lasted approximately 35 seconds.

In June, Cloudflare announced that during 2025 Q2, it automatically blocked the largest ever reported DDoS attacks, peaking at 7.3 terabits per second (Tbps) and 4.8 billion packets per second (Bpps).

The attack was 12% greater than its previous peak and 1 Tbps greater than the attack reported by the popular cyber journalist Brian Krebs.

The 7.3 Tbps DDoS attack blasted 37.4 TB of data in just 45 seconds, like streaming 9,350 HD movies or downloading 9.35 million songs in under a minute. It’s the data equivalent of a year of nonstop HD video or 4,000 years’ worth of daily high-res photos, all crammed into less than a minute.

“37.4 terabytes is not a staggering figure in today’s scales, but blasting 37.4 terabytes in just 45 seconds is.” reads the report published by Cloudflare. “It’s the equivalent to flooding your network with over 9,350 full-length HD movies, or streaming 7,480 hours of high-definition video nonstop (that’s nearly a year of back-to-back binge-watching) in just 45 seconds. “

The attack targeted a single IP, hitting an average of 21,925 ports per second and peaking at 34,517, with source ports similarly distributed.

The 7.3 Tbps DDoS attack was multivector, with 99.996% as UDP floods. The rest included QOTD, Echo, NTP, Mirai, Portmap, and RIPv1 attacks.

Follow me on Twitter: @securityaffairs and Facebook and Mastodon

Pierluigi Paganini

(SecurityAffairs – hacking, Cloudflare)