Big-name websites leaked people’s private session keys and personal information into strangers’ browsers, due to a Cloudflare bug uncovered by Google researchers. As we’ll see, a single character – ‘>’ rather than ‘=’ – in Cloudflare’s software source code sparked the security blunder. Cloudflare helps companies spread their websites and online services across the internet. Due to a programming blunder, for several months Cloudflare’s systems slipped random chunks of server memory into webpages, under certain circumstances.
View full story
ORIGINAL SOURCE: The Register