THREAT OPS › Threat News › Cloudflare Client-Side Security: smarter detection, now open to everyone
Cloudflare Client-Side Security: smarter detection, now open to everyone
<p>Client-side skimming attacks have a boring superpower: they can steal data without breaking anything. The page still loads. Checkout still completes. All it needs is just one malicious script tag.</p><p>If that sounds abstract, here are two recent examples of such skimming attacks:</p><ul><li><p>In January 2026, <a href="https://sansec.io/research/keylogger-major-us-bank-employees"><u>Sansec re
MITRE ATT&CK techniques
Indicators of compromise
- 4f2b7d46148b786fae75ab511dc27b6a530f63669d4fe9908e5f22801dea9202sha256
- 10c53b3b3ccc84b00c754c872ad20492md5
- https://sansec.io/research/keylogger-major-us-bank-employeesurl
- https://developer.mozilla.org/en-US/docs/Web/HTTP/Guides/CSPurl
- http://192.168url
- https://api.qpft5.comurl
- ns.qpft5.comdomain
Original source: https://blog.cloudflare.com/client-side-security-open-to-everyone/