A severe security vulnerability has been discovered in the CloudFlare content delivery network that has caused big-name websites to expose private session keys and other sensitive data.

CloudFlare, a content delivery network (CDN) and web security provider that helps optimize safety and performance of over 5.5 Million websites on the Internet, is warning its customers of the critical bug that could have exposed a range of sensitive information, including passwords, and cookies and tokens used to authenticate users.

Dubbed Cloudbleed, the nasty flaw is named after the Heartbleed bug that was discovered in 2014, but believed to be worse than Heartbleed.

The vulnerability is so severe that it not only affects websites on the CloudFlare network but affects mobile apps as well.

What exactly is "Cloudbleed," how it works, how are you affected by this bug, and how you can protect yourself? Read more here: http://forums.afrocybersec.com/threads/serious-bug-exposes-sensitive-data-from-millions-sites-sitting-behind-cloudflare.59/

Interestingly, Nairaland runs on Cloudflare. The consequence of this is: potentially Nairaland's traffic which obviously passes through Cloudflare (even https) might be public.

Interesting.