Hi everyone, this article came across to my news feed and it was the first time I heard about this kind of vulnerability.
I hope someone who is an expert in this topic could share some insights. Does what's in the article suggest that it is safer to leave the DNS with the registrar (eg. Name.com) instead of using third-party like CloudFlare? Thank you.
I think this article probably helps a bit more.
My understanding is that it could even happen to a domain registar if they have a hosting offering as well or a pure DNS offering.
I don't think it can really happen on CloudFlare, but I could be wrong. Personally, I use CloudFlare for all of my DNS. I think even if someone adds your domain to CF, it gives them different NS records to what might be in your account, so there isn't the possibility of that DNS takeover. Where as, other providers like hosting providers that just have 1 set of NS records for all their service offerings, could be vunerable.
That is my understanding, I could be wrong.