Back to blog

Follow and Subscribe

All blog posts

Page 6 of 50

  • Vulnerability in Fastly open source CDN module intended to be integrated into Magento2

    Fastly Security Research Team, The Fastly Security Technical Account Management Team

    During the investigation of a customer report, Fastly became aware of and addressed a security vulnerability (CVE-2017-13761) in the Fastly CDN module intended to be integrated into Magento2. This is open source code which Fastly releases to enable easy integration with our partner’s products. All versions prior to 1.2.26 are affected and customers are encouraged to upgrade. Fastly has reached out directly to customers currently using affected versions of the module.

    Security

  • Incorrect service routing involving HTTP/2 client connections

    Fastly Security Research Team, The Fastly Security Technical Account Management Team

    On November 11, 2019, at 21:57 UTC, Fastly deployed a new build of its HTTP/2 termination software to two Fastly cache servers in the Minneapolis-St.Paul (STP) data center. This build contained a processing flaw involving connection re-use between internal Fastly systems (unrelated to HTTP/2 multiplexing), and caused some incoming HTTP/2 requests for Fastly customers’ services to potentially be routed incorrectly to a group of up to 20 different Fastly customers’ services and origins. This led to some client request data being delivered to, and a response returned by, an incorrect customer origin. The customers whose origins erroneously received these requests may have logged the incorrectly-routed request data. Fastly was first notified by a customer of a client error on November 12, 2019, at 23:07 UTC. On November 13, 2019, at 00:50 UTC, all customer traffic was diverted away from the affected data center. Fastly immediately commenced an investigation, and on November 14, 2019, at 00:31 UTC, we validated the presence of incorrectly routed request data in a customer’s logs. We estimate this flaw affected 0.00016% of our global request traffic during the 27-hour period. It is unlikely that affected client requests came from outside of North America. Because Fastly does not store customer log data, we are not able to say with certainty if an affected request was incorrectly routed.

    Security

  • Memory access due to code generation flaw in Cranelift module

    The Fastly Security Technical Account Management Team, Fastly Security Research Team

    The bug identified in the Cranelift x64 backend performs a sign-extend instead of a zero-extend on a value loaded from the stack, when the register allocator reloads a spilled integer value narrower than 64 bits. This interacts poorly with another optimization: the instruction selector elides a 32-to-64-bit zero-extend operator when we know that an instruction producing a 32-bit value actually zeros the upper 32 bits of its destination register. Hence, the x64 compiler relies on these zeroed bits, but the type of the value is still i32, and the spill/reload reconstitutes those bits as the sign extension of the i32’s MSB.

    Security

  • Publish your website without a host

    Sue Smith

    Deploy static sites to Fastly Compute directly from your browser or IDE. Publish blogs, apps, and websites at the edge without hosting.

    CDN & Delivery
    + 3 more

  • DDoS in August

    Liam Mayron, David King

    August 2025 DDoS attack trends: Hyperscale clouds are the source for 70% of attacks. Get insights on the latest application DDoS trends to strengthen security.

    Security
    + 2 more

  • Trust at Scale with Fastly Image Optimizer and C2PA

    James Sherry

    Fastly Image Optimizer now supports C2PA, enabling verifiable content authenticity. Combat misinformation and build trust with secure image provenance at scale.

    CDN & Delivery
    + 2 more

  • Sustainability dashboard: Shine a light on your digital carbon footprint

    Eoghan Kelly

    Fastly's Sustainability dashboard provides instant access to electricity-related Scope 2 & 3 emissions data. Understand and optimize your digital carbon footprint with ease.

    CDN & Delivery
    + 3 more

  • Bridging the real-time testing gap: Fanout support in local development for Fastly Compute

    Katsuyuki Omuro

    Fastly Compute now supports local Fanout testing, letting you build and validate real-time features without deploying to production.

    Engineering
    + 2 more

  • AI Bots in Q2 2025: Trends from Fastly's Threat Insights Report

    Matthew Mathur, David King, + 1 more

    Fastly's Q2 2025 Threat Insights Report uncovers how Meta, OpenAI, and others are shaping web traffic and what organizations need to do to stay in control.

    Security
    Industry insights

  • Powering PyPI with Advanced Traffic Engineering

    Joe Williams, Stephen Strowes

    PyPI serves millions daily. See how Fastly’s Individual Provider Anycast unlocks faster, smarter routing for Python’s package index.

    CDN & Delivery
    + 4 more

  • Fastly DDoS Protection wins SiliconANGLE TechForward Cloud Security Award

    David King

    Fastly DDoS Protection wins SiliconANGLE TechForward Cloud Security Award after rigorous analysis by 32 industry peers.

    Security
    An illustration of a hand holding a megaphone with shield and lock icons blaring out

  • Fastly's Resilience to HTTP/1.1 Desynchronization Attacks

    Frederik Deweerdt, Kazuho Oku, + 2 more

    Discover why Fastly's architecture protects against HTTP/1.1 desynchronization attacks, unlike other CDNs. Protect your applications with Fastly's secure platform.

    Security
    + 4 more

  • Maximizing Compute Performance with Log Explorer & Insights

    Namit Shivaram

    Monitor and troubleshoot Fastly Compute services with Log Explorer & Insights. Gain granular insights, optimize performance, and debug faster for efficient applications.

    Compute
    + 2 more

  • Why Paying Copyright Holders for AI Training is Essential

    Simon Wistow, John Agger

    AI and creator rights don’t need to clash. A fair, consent-based model can drive innovation without exploiting creative work.

    Industry insights

  • DDoS in July

    Liam Mayron, David King

    July 2025 DDoS attack trends: Fastly's report reveals infrequent but massive enterprise attacks & insights on attack volume, industries targeted, and company size.

    Security
    Industry insights

  • Fastly is easier than ever to use with our Model Context Protocol (MCP) Server

    Jaskirat Singh Randhawa

    Manage Fastly with ease using the new open-source Model Context Protocol (MCP) Server. Integrate with AI assistants for conversational control of your services.

    Product
    Compute

  • Demystifying Fastly’s Defense Against HTTP Desynchronization Attacks

    Brian Haberman, Sandra Escandor-O’Keefe, + 1 more

    Learn how Fastly's robust architecture and strict protocol parsing defend against HTTP desynchronization attacks, ensuring your web applications are secure.

    Security
    + 3 more

  • Unlock Faster Web Performance: The Data Behind Fastly's Edge Over Akamai

    Lucas Olslund

    Discover why migrating from Akamai to Fastly boosts web performance. Our data shows 57% faster TTFB & 17% faster LCP, based on real-world CrUX data.

    CDN & Delivery
    Performance

  • Getting Started with TypeScript on Fastly Compute

    Katsuyuki Omuro

    Getting started with TypeScript on Fastly Compute is simple! Learn how to add static typing to your JavaScript projects for robust development.

    Compute
    + 3 more

  • Can We Make AI Green? Big AI Sustainability Questions, Answered by Fastly’s Co-Founder

    Alina Lehtinen-Vela

    Can AI be green? Fastly’s Simon Wistow tackles big questions on AI sustainability, backed by original data from our 2025 AI Energy Pulse Check survey.

    CDN & Delivery
    + 2 more