Security Bulletin

Hello everyone.

We at Puyo Nexus use the Cloudflare CDN to provide TLS security and caching.

Unfortunately, yesterday, a vulnerability was disclosed in the Cloudflare CDN service that was randomly leaking private data into pages. Although the bug did not seem to be actively abused, and although there is no way to know for sure what information exactly was leaked, we have killed all sessions as a safety precaution. You should re-login to your account, and possibly consider changing your password just to be safe - although it is worth noting that the likeliness of a password leak is somewhat low.

Just to be clear, it is still pretty unlikely anyone will be seriously impacted by this, especially since it isn't clear anyone had found this exploit before Google Project Zero did, but it's better to be safe than sorry.

Google Project Zero issue.
A post mortem from Cloudflare.

Thanks for reading. You may want to check on your Discord and Reddit accounts, for Discord and Reddit also use Cloudflare. Edit: Your Reddit account is safe. Reddit stopped using CloudFlare on approximately September 9th. Thanks jjm.

View all news