|
|
|
|
|
|
by bifrost
2610 days ago
|
|
|
It wasn't CloudFlare's API not revoking a token, they just didn't revoke all the tokens. Basically human error. "The API key was known compromised in the original attack, and during the rebuild the key was theoretically replaced. However, unfortunately only personal keys were rotated, enabling the defacement." |
|
|