The Fastly Security Research Team focuses on ensuring our customers have the tools and data available to them to keep their systems secure. They analyze and ultimately help prevent attacks at Fastly scale. The team is a group of behind-the-scenes security experts who are here to help you stay on the cutting edge of the ever-evolving security landscape.

CVE-2025-29927: Authorization Bypass in Next.js
By Matthew Mathur, Fastly Security Research Team
A critical Next.js vulnerability (CVE-2025-29927) lets attackers bypass authorization. Protect your applications now.
March 26, 2025 | Security

DDoS in February
By Arun Kumar, David King, + 1 more
Fastly's February 2025 DDoS report reveals a 285% month-over-month surge in DDoS attacks. Learn about key trends, targeted industries, and actionable security guidance.
March 06, 2025 | Security, Industry insights

DDoS in January
By Arun Kumar, David King, + 1 more
Stay informed with Fastly's monthly DDoS report, highlighting a 14.5% rise in attacks. Utilize our data-driven insights to bolster your application's security.
February 06, 2025 | Security, Industry insights

DDoS in December
By Simran Khalsa, David King, + 1 more
Discover the latest trends and actionable insights on application DDoS attacks in December 2024. Strengthen your security with our expert analysis and guidance.
January 10, 2025 | Security, Industry insights

Back to Basics of Automated Attacks: Account Takeover
By Arun Kumar, Fastly Security Research Team
Explore account takeover attacks and mitigations, including modern authentication with 2FA/passkeys and anti-bot measures to enhance account security.
July 09, 2024 | Security

Detection as Code with Fastly's WAF Simulator
By Simran Khalsa, Fastly Security Research Team
Being able to test and validate rule behavior is critical to a maintainable WAF. With our WAF Simulator, you can validate rules in a safe simulation environment.
June 26, 2024 | DevOps + 3 more

Active exploitation of unauthenticated stored XSS vulnerabilities in WordPress Plugins
By Fastly Security Research Team, Simran Khalsa, + 2 more
We have observed active exploitation attempts targeting three high-severity CVEs: CVE-2024-2194, CVE-2023-6961, and CVE-2023-40000.
May 29, 2024 | Security, Industry insights

How to Protect Against Credential Stuffing
By Arun Kumar, Fastly Security Research Team
In this post, we will discuss a low-latency approach to detect these attacks by co-locating the password hashes in a KV Store, along with Compute on Fastly's edge.
February 23, 2024 | Compute + 3 more

Cyber 5 Threat Insights
By Simran Khalsa, Charlie Bricknell, + 1 more
To gain a broader understanding of the threat landscape during "Cyber 5" weekend, we analyzed attack activities with a particular focus on commerce sites.
December 14, 2023 | Industry insights + 2 more

WAF Simulator: Transforming DevSecOps Workflows
By Fastly Security Research Team, Simran Khalsa
We're excited to announce Fastly's new WAF Simulator, which simplifies the testing process and provides the following key benefits.
December 13, 2023 | DevOps + 2 more

Patch that Vuln! Identify, Triage, and Qualify CVEs
By Fastly Security Research Team, Simran Khalsa
Vulnerabilities are an unfortunate inevitability. However, when using a WAF there are options for your security teams while waiting for a patch.
November 20, 2023 | Security + 2 more

CVE-2023-30534: Insecure Deserialization in Cacti prior to 1.2.25
By Fastly Security Research Team, Matthew Mathur
We have discovered two instances of insecure deserialization in Cacti versions prior to 1.2.25, tracked as CVE-2023-30534.
October 03, 2023 | Security

Back to Basics: Directory Traversal
By Fastly Security Research Team, Matthew Mathur
In this post, we'll explore the application vulnerability directory traversal. What is it, and how can you protect your apps from it?
August 22, 2023 | Security

Network Effect Threat Report: Uncovering the power of collective threat intelligence
By Fastly Security Research Team, Simran Khalsa, + 3 more
Announcing the Network Effect Threat Report, Fastly's threat intelligence report with insights based on unique data from April to June of 2023.
August 03, 2023 | Security + 2 more

Back to Basics: OS Command Injection
By Fastly Security Research Team, Matthew Mathur
What is an OS command injection? In this blog, we'll explore the web application vulnerability OS Command Injection and how to prevent it.
July 11, 2023 | Security

CVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerability
By Fastly Security Research Team, Simran Khalsa, + 3 more
What you need to know about CVE-2023-34362: Progress MOVEit Transfer SQL Injection Vulnerability.
June 09, 2023 | Security

Command Injection CVE-2021-25296: A Deep Dive
By Fastly Security Research Team, Matthew Mathur
Nagios XI versions 5.5.6 to 5.7.5 are vulnerable to three different instances of command injection.
February 28, 2023 | Security, Industry insights

Examining Chrome's TLS ClientHello Permutation
By Jonathan Foote, Arun Kumar, + 2 more
On January 20th, Chrome shipped an update that changed the profile of one of the most popular TLS client fingerprinting algorithms, JA3. In this short blog post we'll describe the change and our observations across Fastly's network.
February 08, 2023 | Industry insights, Security

Using Client Hints to Detect Disparities
By Fastly Security Research Team, Simran Khalsa
Learn how User-Agent Client Hints work, explore privacy-related features and concerns, and see how the partial adoption and incompleteness of this emerging standard can be used to detect behavior disparities.
October 19, 2022 | DevOps + 2 more