Record-Breaking Cloud Incident Brings Outage Through the Internet
None
<h2>November 18, 2025 – Cloudflare Global Outage (not a DDoS)</h2><ul> <li><strong>Time</strong>: Started ~11:20 UTC, major issues until ~14:30 UTC, full recovery by ~17:06 UTC.</li> <li><strong>Scope</strong>: Affected a huge portion of the internet — thousands of sites and services behind Cloudflare (X/Twitter, OpenAI/ChatGPT, Spotify, Claude.ai, Discord, Crunchyroll, etc.).</li> <li><strong>Symptoms</strong>: 500 Internal Server errors, endless CAPTCHA loops, sites completely unreachable.</li> <li><strong>Initial suspicion</strong>: Cloudflare briefly thought it was a “hyper-volumetric” DDoS attack because of the sudden global spike in errors. <ul> <li>“When the issue first started, the symptoms looked very similar to a hyper-volumetric DDoS attack. We initially wrongly suspected the symptoms we were seeing were caused by a hyper-scale DDoS attack. As we dug deeper, we correctly identified the core issue was not an attack…”</li> </ul> </li> <li><strong>Root cause (confirmed)</strong>: <ul> <li>ML feature configuration file in Bot Management grew too large (>100 MB in some cases).</li> <li>This caused crashes in Cloudflare’s edge proxy processes worldwide.</li> <li>No customer data was lost or compromised.</li> <li>Cloudflare’s official statement: “There is no evidence that this was the result of an attack or caused by malicious activity.”</li> </ul> </li> <li>Official Source: <a href="https://blog.cloudflare.com/18-november-2025-outage/">https://blog.cloudflare.com/18-november-2025-outage/</a></li> </ul><p><strong>The timing and Cloudflare’s brief initial misdiagnosis caused widespread confusion, with many people incorrectly believing Cloudflare had been DDoSed. Some reports even mentioned that the Cloudflare Incident was linked to an earlier DDoS incident towards Microsoft Azure. In reality, the two events were unrelated.</strong></p><h2>October 24, 2025 – The Microsoft Azure DDoS Incident – Record Breaking 15Tbps</h2><ul> <li>Size: 15.72 Tbps (terabits per second) – the largest publicly disclosed DDoS attack ever recorded.</li> <li>Target: Primarily Microsoft Azure infrastructure and customers.</li> <li>Attack type: Multi-vector Layer 3/4 flood (UDP reflection/amplification + other protocols), launched from over 500,000 source IPs across various regions.</li> <li>Botnet involved: The attack originated from Aisuru botnet. Aisuru is a Turbo Mirai-class IoT botnet that exploiting compromised home routers and cameras, mainly in residential ISPs in the United States and other countries.</li> <li>This attack did not involve or affect Cloudflare.</li> <li>Source: <a href="https://techcommunity.microsoft.com/blog/azureinfrastructureblog/defending-the-cloud-azure-neutralized-a-record-breaking-15-tbps-ddos-attack/4470422">https://techcommunity.microsoft.com/blog/azureinfrastructureblog/defending-the-cloud-azure-neutralized-a-record-breaking-15-tbps-ddos-attack/4470422</a></li> </ul><h2>NSFOCUS Hybrid DDoS Solution</h2><p>The combination of NSFOCUS <a href="https://nsfocusglobal.com/products/anti-ddos-system-ads/">On-Premises DDoS Defenses</a> combined with NSFOCUS <a href="https://nsfocusglobal.com/products/cloud-ddos-protection-service-cloud-dps/">Cloud DDoS Defenses</a> eliminates all DDoS attacks targeting both customers and infrastructure. The combination enables providers to deliver Managed DDoS Services with a multi-tenant Platform that produces the lowest operating costs in the industry. NSFOCUS Cloud DDoS Protection brings you with a standalone service with <strong>global POPs</strong> and <strong>high availability, dedicated bandwidth for DDoS</strong> traffic absorption only, and simple yet robust structure designed mainly for mitigating massive DDoS attack traffic.</p><div class="code-block code-block-13" style="margin: 8px 0; clear: both;"> <style> .ai-rotate {position: relative;} .ai-rotate-hidden {visibility: hidden;} .ai-rotate-hidden-2 {position: absolute; top: 0; left: 0; width: 100%; height: 100%;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback, .ai-list-block, .ai-list-block-ip, .ai-list-block-filter {visibility: hidden; position: absolute; width: 50%; height: 1px; top: -1000px; z-index: -9999; margin: 0px!important;} .ai-list-data, .ai-ip-data, .ai-filter-check, .ai-fallback {min-width: 1px;} </style> <div class="ai-rotate ai-unprocessed ai-timed-rotation ai-13-1" data-info="WyIxMy0xIiwxXQ==" style="position: relative;"> <div class="ai-rotate-option" style="visibility: hidden;" data-index="1" data-name="U2hvcnQ=" data-time="MTA="> <div class="custom-ad"> <div style="margin: auto; text-align: center;"><a href="https://www.techstrongevents.com/cruisecon-virtual-west-2025/home?ref=in-article-ad-2&utm_source=sb&utm_medium=referral&utm_campaign=in-article-ad-2" target="_blank"><img src="https://securityboulevard.com/wp-content/uploads/2025/10/Banner-770x330-social-1.png" alt="Cruise Con 2025"></a></div> <div class="clear-custom-ad"></div> </div></div> </div> </div><div class="wp-block-image"> <figure class="aligncenter size-large"><a href="https://nsfocusglobal.com/wp-content/uploads/2023/10/ddosattackprotectiondeployment.png"><img fetchpriority="high" decoding="async" width="1024" height="600" src="https://nsfocusglobal.com/wp-content/uploads/2023/10/ddosattackprotectiondeployment-1024x600.png" alt="" class="wp-image-26747" srcset="https://nsfocusglobal.com/wp-content/uploads/2023/10/ddosattackprotectiondeployment-1024x600.png 1024w, https://nsfocusglobal.com/wp-content/uploads/2023/10/ddosattackprotectiondeployment-300x176.png 300w, https://nsfocusglobal.com/wp-content/uploads/2023/10/ddosattackprotectiondeployment-768x450.png 768w, https://nsfocusglobal.com/wp-content/uploads/2023/10/ddosattackprotectiondeployment-307x180.png 307w, https://nsfocusglobal.com/wp-content/uploads/2023/10/ddosattackprotectiondeployment-150x88.png 150w, https://nsfocusglobal.com/wp-content/uploads/2023/10/ddosattackprotectiondeployment.png 1077w" sizes="(max-width: 1024px) 100vw, 1024px"></a></figure> </div><p>This makes you stay away from potential chaos from biggest cloud service platforms as complex structure and services may make it difficult to manage and thus could bring massive outage incidents. Staying away from the most targeted tenants/services hosted in biggest cloud service platforms who may attract record breaking DDoS traffic will also help you to avoid possible outages.</p><p>The post <a rel="nofollow" href="https://nsfocusglobal.com/record-breaking-cloud-incident-brings-outage-through-the-internet/">Record-Breaking Cloud Incident Brings Outage Through the Internet</a> appeared first on <a rel="nofollow" href="https://nsfocusglobal.com/">NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.</a>.</p><div class="spu-placeholder" style="display:none"></div><div class="addtoany_share_save_container addtoany_content addtoany_content_bottom"><div class="a2a_kit a2a_kit_size_20 addtoany_list" data-a2a-url="https://securityboulevard.com/2025/11/record-breaking-cloud-incident-brings-outage-through-the-internet/" data-a2a-title="Record-Breaking Cloud Incident Brings Outage Through the Internet"><a class="a2a_button_twitter" href="https://www.addtoany.com/add_to/twitter?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Frecord-breaking-cloud-incident-brings-outage-through-the-internet%2F&linkname=Record-Breaking%20Cloud%20Incident%20Brings%20Outage%20Through%20the%20Internet" title="Twitter" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_linkedin" href="https://www.addtoany.com/add_to/linkedin?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Frecord-breaking-cloud-incident-brings-outage-through-the-internet%2F&linkname=Record-Breaking%20Cloud%20Incident%20Brings%20Outage%20Through%20the%20Internet" title="LinkedIn" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_facebook" href="https://www.addtoany.com/add_to/facebook?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Frecord-breaking-cloud-incident-brings-outage-through-the-internet%2F&linkname=Record-Breaking%20Cloud%20Incident%20Brings%20Outage%20Through%20the%20Internet" title="Facebook" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_reddit" href="https://www.addtoany.com/add_to/reddit?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Frecord-breaking-cloud-incident-brings-outage-through-the-internet%2F&linkname=Record-Breaking%20Cloud%20Incident%20Brings%20Outage%20Through%20the%20Internet" title="Reddit" rel="nofollow noopener" target="_blank"></a><a class="a2a_button_email" href="https://www.addtoany.com/add_to/email?linkurl=https%3A%2F%2Fsecurityboulevard.com%2F2025%2F11%2Frecord-breaking-cloud-incident-brings-outage-through-the-internet%2F&linkname=Record-Breaking%20Cloud%20Incident%20Brings%20Outage%20Through%20the%20Internet" title="Email" rel="nofollow noopener" target="_blank"></a><a class="a2a_dd addtoany_share_save addtoany_share" href="https://www.addtoany.com/share"></a></div></div><p class="syndicated-attribution">*** This is a Security Bloggers Network syndicated blog from <a href="https://nsfocusglobal.com/">NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks.</a> authored by <a href="https://securityboulevard.com/author/0/" title="Read other posts by NSFOCUS">NSFOCUS</a>. Read the original post at: <a href="https://nsfocusglobal.com/record-breaking-cloud-incident-brings-outage-through-the-internet/">https://nsfocusglobal.com/record-breaking-cloud-incident-brings-outage-through-the-internet/</a> </p>