Cloudflare's 1.1.1.1 DNS service was impacted by 12 mis-issued TLS certificates from Fina CA, a Microsoft-trusted certificate authority. While Fina claims the certificates were for internal testing and posed no threat, Cloudflare acknowledges security lapses in not detecting the issue sooner via Certificate Transparency logs. Although no malicious use is confirmed, the incident highlights vulnerabilities in the TLS infrastructure and the responsibilities of CAs and service providers. Microsoft's trust in Fina is also under scrutiny.

Prepared by Jonathan Pierce and reviewed by editorial team.