Cloudflare whacks WAF bypass bug that opened side door for attackers

ACME validation had a challenge-request hole

Cloudflare has fixed a flaw in its web application firewall (WAF) that allowed attackers to bypass security rules and directly access origin servers, which could lead to data theft or full server takeover.…