This Week in NET

In this first 2026 edition of This Week in NET, João Tomé is joined by Patrick Day from Cloudflare’s Impact & Policy team to break down the recently released Cloudflare Impact Report — including how Cloudflare supports elections, protects journalists, advances Internet standards, and expands access to secure AI infrastructure.At the start, we also go over some of our recent blog posts:• Acquisitions: Astro and Human Native join the Cloudflare ecosystem.• Technical Deep Dive: How a small DNS optimization in 1.1.1.1 exposed a decades-old ambiguity in early Internet standards.• Global Trends: A severe government-directed Internet shutdown in Iran and BGP anomalies observed in Venezuela.Mentioned topics:Cloudflare Impact ReportThe Cloudflare Blog

In this end-of-year episode of This Week in NET, host João Tomé is joined by Omer Yoachimik, Senior Product Manager for DDoS Protection at Cloudflare, to break down the realities of the 2025 DDoS threat landscape — and what’s coming next.They discuss how DDoS attacks reached previously “theoretical” scales in 2025, including record-breaking 31 Tbps attacks, the rise of massive botnets like Aisuru, and how geopolitical events increasingly shape cyber activity. Omer explains why traditional scrubbing-center defenses are becoming obsolete, how Cloudflare’s autonomous, globally distributed mitigation works, and why automation and real-time intelligence are now essential.The conversation closes with practical advice for organizations, common myths about DDoS risk, and what to expect in 2026 as attacks grow larger, faster, and more sophisticated.DDoS threats related blog posts: https://blog.cloudflare.com/tag/ddos/

In this special Year in Review episode of This Week in NET, host João Tomé is joined by David Belson to break down the Cloudflare Radar 2025 Year in Review.Together, they explore what Cloudflare’s global network reveals about how the Internet evolved over the past year — from the rapid rise of AI crawlers and agent traffic, to record-breaking DDoS attacks, the spread of post-quantum encryption, and the growing impact of government-directed shutdowns and outages.The conversation looks at Internet resilience, security trends, and performance across countries, as well as what changed in Internet services, mobile platforms, and connectivity in 2025, and what these signals might tell us about 2026.Explore the full Radar Year in Review microsite.Read the related blog posts on the Cloudflare Blog:The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacksChatGPT's rivals, Kwai's quiet rise: the top Internet services of 2025

In this short episode of This Week in NET, Craig Dennis, Senior Developer Educator for AI at Cloudflare, explains why Replicate is joining Cloudflare, and what that means for developers building with AI.Replicate is widely known for making it easy to run thousands of high-quality AI models, from image generation and video to audio and language models, all through a simple, developer-friendly API. Craig breaks down why Replicate became such an important part of the AI ecosystem, and how bringing it into Cloudflare helps make Workers the best place to build and deploy AI and agentic workflows.And there’s a bonus: we’re giving away Replicate credits so you can try models yourself. Stay tuned to the episode to learn how to get access and start experimenting.Mentioned blog posts:Why Replicate is joining Cloudflare

In this episode of This Week in NET, we talk with Daniele Molteni, Director of Product Management for Cloudflare’s WAF, about how Cloudflare responded within hours to a newly disclosed React Server Components vulnerability — deploying global protection before the public advisory was even released.That speed matters. In just the first 11 days after disclosure, Cloudflare observed more than 1 billion exploitation attempts related to React2Shell, with sustained pressure averaging over 4 million hits per hour, and peaks far higher. Threat actors quickly integrated the vulnerability into large-scale scanning and reconnaissance, targeting even critical infrastructure. If you run React, upgrading is urgent.Daniele explains how WAF rules are built, how new payload logging improvements help customers understand real attack traffic, and what’s coming next in 2026 — including Firewall for AI, fraud detection, and safer, gradual rule rollouts.To close the episode, Systems Engineer Steve James gives a hands-on demo of a real-time multiplayer chess app running inside ChatGPT, built with the Agents SDK and Cloudflare Workers.Mentioned blog posts:React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniquesCloudflare WAF proactively protects against React vulnerabilityGet better visibility for the WAF with payload logging

In this episode of This Week in NET, host João Tomé sits down with Stephanie Cohen, Cloudflare’s Chief Strategy Officer, for a candid conversation about AI, content creators, financial services, partnerships, and the future of the Internet.Stephanie shares how Cloudflare is helping keep the Internet open and resilient — from giving creators transparency and control over AI scraping, to enabling new models of agentic commerce through partnerships with Visa and Mastercard, to empowering organizations of all sizes through Cloudflare’s global network.The conversation also explores the rise of Agentic Commerce, where AI agents can complete secure payments on behalf of users. Stephanie explains how this shift is emerging, why trust and standards matter, and how Cloudflare is working with key financial institutions to make it safe.They also discuss what innovation looks like inside large companies, how AI is reshaping industries, and why Cloudflare sees itself as an enabler for both creators and the long tail of innovators.

Cloudflare Principal Network Engineer Tom Strickx joins This Week in NET to explain what really keeps the Internet running. From anchors cutting submarine cables to automation detecting bad Internet weather, Tom shares an inside look at how one of the world’s largest networks operates — and why human trust still matters in keeping the Internet alive.We talk about:How Cloudflare’s global network evolved since 2017The hidden fragility of the Internet (and why it still works)Routing leaks, Anycast, and automationAI’s growing role in network reliabilityWhat it’s like inside real data centersSubscribe for more weekly conversations on Internet trends, infrastructure, and technology:ThisWeekinNET.com

In this second part of our previous episode, host João Tomé talks with André Jesus, Systems Engineer at Cloudflare and front-end engineer on the Radar team. They discuss the latest updates to Cloudflare Radar, the platform that turns Internet data into accessible insights.André, who joined Cloudflare as an intern in Lisbon, Portugal, in 2024, explains how radar.cloudflare.com showcases trends in Internet traffic, protocol adoption, and security. He walks us through Radar’s new Top-Level Domain (TLD) insights, how the team uses DNS magnitude to measure domain popularity, and why certificate transparency is crucial for a safer web.The conversation also goes into outage monitoring, the Data Explorer and URL scanner tools, and how users around the world are finding surprising Internet trends — like the rise of Linux usage in France.

In this episode, host João Tomé talks with Marwan Fayed, Principal Scientist and Research Lead at Cloudflare, about the science behind understanding and improving the Internet.They explore the Research Week blog takeover on Measurement, Resilience, and Transparency, discussing the tricky science of Internet measurement — including a traffic spike in Ukraine that revealed how complex it is to explain data at scale. Marwan shares how Cloudflare is building a framework for Internet resilience, preparing for a post-quantum future with Merkle tree certificates, and tackling the “store now, decrypt later” risk. They also cover Cloudflare’s work to identify users behind Carrier-Grade NAT, innovations in protocol defense, anonymous credentials, and the story behind WARP VPN.At the heart of it all: how to make the Internet safer, faster, and more transparent, at global scale.Learn more in the blog series: https://blog.cloudflare.com/tag/research/

In this special episode, host João Tomé reports from Cloudflare Connect Las Vegas (October 13-16) — the company’s first-ever global event, bringing together customers, partners, and developers from over 60 countries.In the intro, we also share what’s coming next week on the Cloudflare blog — a special five-day series focused on Internet Measurement, Resilience, and Transparency: the foundations of a faster, safer, and more reliable web for everyone.The episode covers major announcements, including Cloudflare’s partnership with Mastercard and Visa to secure automated commerce with AI agents through the new Trusted Agent Protocol and Agent Pay (Web Bot Auth).We also feature clips from rapper and actor Common, who reflects on creativity, connection, and humanity in the age of AI.Additionally, João speaks with several Cloudflare team members shaping the Internet’s future:James Allworth, Head of Innovation — on the relaunch of the Workers website, designed to reflect Cloudflare’s developer platform for the AI era.David “Tubes” Tuber, Director of Product Management, Network — on how Cloudflare keeps the Internet fast and reliable, and the story behind Orpheus, a system that ensures the best network path.Kenton Varda, Principal Systems Engineer and creator of Workers — on benchmark results, CPU performance, and the future of AI agents that write code securely inside Workers isolates.Full interviews with each guest will be published in the coming weeks.Mentioned content:Cloudflare Connect 2025Workers.cloudflare.comSecuring agentic commerce: helping AI Agents transact with Visa and MastercardUnpacking Cloudflare Workers CPU Performance BenchmarksCode Mode: the better way to use MCP

In this episode of This Week in NET, host João Tomé is joined by Leslie Hasvold, Senior Director of Corporate Events, Programs & Customer Advocacy, and Craig Dennis, Senior Developer Educator for AI, to talk about Cloudflare’s first global Connect conference in Las Vegas and the launch of AI Avenue, a new documentary series exploring how people around the world are learning, experimenting, and building with AI.We cover what to expect from Connect Las Vegas, from 100+ breakout sessions to keynotes focused on AI, innovation, and the future of the Internet — and we go behind the scenes of AI Avenue to learn how AI is reshaping creativity, education, and development.Know more:Connect 2025 Las VegasAI Avenue show

In this episode of This Week in NET, host João Tomé is joined by Cloudflare Senior Product Managers Korinne Alpers and Nikita Cano to recap all the announcements from Cloudflare’s 15th Birthday Week.We cover AI, developer tools, security, performance, and how Cloudflare continues to give back to the Internet.Highlights include: • AI & Security: Firewall for AI, Shadow AI protection, and Content Signals Policy. • For Creators & Nonprofits: Project Galileo expansion and new tools to control how AI uses content. • New Economy: NET Dollar and the x402 Foundation with Coinbase. • Developer Platform Upgrades: Cap’n Web RPC, VibeSDK, AI Search updates, PQC in WARP, and more. • Investing in the Future: 1,111 interns in 2026 plus new student and startup programs.Full list of announcements: cloudflare.com/birthday-week

In this special 15th-anniversary episode of This Week in NET, we sit down with Cloudflare co-founders Michelle Zatlyn and Matthew Prince to revisit the early days — from a Harvard Business School project to launching at TechCrunch Disrupt in 2010. We talk about how culture takes shape, the technical vision of Lee Holloway, and pivotal moments that defined Cloudflare’s journey, as well as where the Internet is headed next. At the end, don’t miss a special easter egg from the journalist who first covered Cloudflare’s launch. Follow all Birthday Week 2025 announcements: cloudflare.com/birthday-week

Birthday Week is Cloudflare’s biggest innovation week — and this year is extra special as we celebrate our 15th birthday. Each year, we pause to reflect on our journey, celebrate the progress we’ve made, and look ahead to what’s next, all while staying true to our mission of helping build a better Internet. In this episode of This Week in NET, João Tomé is joined by Nikita Cano to preview what’s coming in Birthday Week 2025: democratizing development, building a smarter and more open web, securing the future by default, the future of development on Cloudflare, and new performance and networking upgrades. Don’t miss our special Sunday episode at ThisWeekinNET.com, featuring Cloudflare co-founders Matthew Prince and Michelle Zatlyn reflecting on how Cloudflare came to be 15 years ago. Follow all announcements at: https://cloudflare.com/birthday-week

In this episode, host João Tomé is joined by Kenny Johnson (Principal Product Manager) to review everything announced during the week — across Cloudflare One, Application Security, Workers AI, AI Gateway, and Radar. Full list of blog posts at: cloudflare.com/ai-week

In this episode, host João Tomé is joined by Inanna Malick, Systems Engineer at Cloudflare, to talk about how she built a serverless version of a real-time social app that connects to the ATProto ecosystem — the protocol powering platforms like Bluesky. Inanna walks us through her blog post and technical journey, showing how she used Cloudflare Workers, Durable Objects, and the free tier of our Developer Platform to deploy an open, identity-owned, cryptographically verified social experience — all without running a server. They discuss what makes ATProto different, how Statusphere works (the “Hello World” of open social apps), and what might be coming next in the world of decentralized platforms. Plus: how WebSockets and Durable Objects can be combined to create live, real-time updates — all running serverlessly. Later in the episode, we check in with Keith Adler, Machine Learning Engineer, to hear how Cloudflare is making it easier to explore your data with Python notebooks powered by Marimo. Mentioned blog posts: Serverless Statusphere: a walk through building serverless ATProto applications on Cloudflare’s Developer Platform Explore your Cloudflare data with Python notebooks, powered by marimo

We continue our 100th episode celebration of This Week in NET with a special look back at memorable moments from past guests and a quick rundown of the latest Cloudflare blog stories. From Internet pioneers like Geoff Huston, to Cloudflare co-founders Matthew Prince and Michelle Zatlyn, and leaders like Nicholas Thompson (The Atlantic) and Chris Anderson (TED), many Cloudflare experts, and John Graham-Cumming, that started this podcast with João Tomé in 2022. We revisit highlights from some of the most insightful conversations we’ve had over the past 3 years. We also cover what’s new on the Cloudflare blog — including Jetflow, the White House AI Action Plan, the Q2 2025 DDoS report, and more. Join us as we celebrate 100 episodes of This Week in NET.

In this special conversation, João Tomé sits down with John Graham-Cumming, Cloudflare’s former CTO and current board member, to look back at Cloudflare’s journey — from Universal SSL and Heartbleed to Workers, Radar, and what’s next for the Internet. Topics & Timecodes: 00:58 – Favorite Cloudflare Moments: Universal SSL & Heartbleed Impact 04:36 – The Philosophy of Offering Free Services 09:20 – Evolution and Impact of the Cloudflare Blog 14:23 – Unique Cloudflare Teams: Crypto/Research Team 17:37 – The Lava Lamp Wall Story 20:41 – Key Moments for Zero Trust and Workers 22:50 – The Origin of Workers and Culture of Freedom 25:36 – The 1.1.1.1 Public Resolver Story 27:51 – The Legacy and Importance of the Cloudflare Blog 29:56 – The Value of Radar and Transparency 30:53 – Cloudflare’s Future as an Iconic Internet Company Don’t miss Part 2 of our 100th episode celebration, featuring highlights from past guests and the latest Cloudflare blog stories.

In this episode, host João Tomé is joined by Will Allen, Cloudflare’s VP of Product Management, to discuss Pay-Per-Crawl and our new permission-based model for AI bots. These updates, launched on July 1, 2025 — what we call Content Independence Day — aim to reshape how AI models access and reward content, shifting from an opt-out to an opt-in approach. Cloudflare’s CEO, Matthew Prince, also appears in a video at the start, reflecting on Content Independence Day. We explore how AI Overviews are changing the old “traffic for content” model and how Cloudflare is helping creators take control through tools like AI Audit. Plus: the future of trustworthy content, bot authentication, and the rise of a fairer content economy. Send us your questions for a future episode on these topics at ThisWeekinNET@cloudflare.com. Check the mentioned blog posts here: https://blog.cloudflare.com/tag/pay-per-crawl/

In this episode, host João Tomé is joined by Kenton Varda, Principal Engineer at Cloudflare, for a wide-ranging conversation about AI, code, and the evolution of Internet development. Kenton shares how a real-world project shifted his view from AI skepticism to seeing the promise of AI-assisted coding, while emphasizing the need for strong human review, especially for security. The episode also dives into the architecture of Cloudflare Workers and its first months, Durable Objects, and the vision of the Internet as one programmable computer: “the network is the computer”. Looking ahead, Kenton predicts a new era of developers powered by AI assistants — building more custom apps than ever — and explains why Cloudflare Workers is built to support that future. Mentioned blog posts: Introducing Cloudflare Workers: Run JavaScript Service Workers at the Edge (2017) Defending the Internet: how Cloudflare blocked a monumental 7.3 Tbps DDoS attack Everything you need to know about NIST’s new guidance in “SP 1800-35: Implementing a Zero Trust Architecture” Cloudflare Log Explorer is now GA, providing native observability and forensics Connect any React application to an MCP server in three lines of code Cloudflare service outage June 12, 2025