From MSSP Alert: Cloudflare helped identify and address a global zero day security vulnerability that gives cybercriminals the ability to launch attacks larger than anything the internet had seen before. In response, Cloudflare developed technology that automatically blocks any attacks that exploit the vulnerability. Cloudflare found the vulnerability, "HTTP/2 Rapid Reset," in August 2023, which was developed by an unknown threat actor and exploits the standard HTTP/2 protocol — essential to the operation of the internet and most websites. As Cloudflare experienced a Rapid Reset attack itself, the company embraced an "assume-breach" mindset, working with industry partners to find the best way to mitigate the attack. At the peak of the Rapid Reset DDoS campaign, Cloudflare recorded and handled over 201 million requests per second (Mrps) and the mitigation of thousands of additional attacks that followed.