Cybersecurity experts have identified a sophisticated attack campaign exploiting Cloudflare’s tunnel infrastructure to distribute various remote access trojans (RATs).

The infrastructure, which has demonstrated remarkable resilience since February 2024, serves as a distribution platform for malicious files and trojans that enable attackers to gain unauthorized access to victims’ systems.