<ul><li>Cybercriminals are increasingly abusing two Cloudflare domains, 'pages.dev' and 'workers.dev', to facilitate phishing attacks and push malware to their victims.</li><li>The domains allow attackers to bypass endpoint protection tools and successfully compromise targets due to Cloudflare's good reputation.</li><li>The phishing attacks start with emails urging victims to address an urgent problem and either contain a PDF file or a link to Cloudflare's domains.</li><li>There has been a significant surge in abuse, with a 198% increase in phishing attacks on Cloudflare Pages and a 104% increase on Cloudflare Workers compared to the previous year.</li></ul>

Cloudflare developer domains increasingly abused by threat actors

Discover more