This Week in NET

In this episode of This Week in NET, host João Tomé is joined by Matt “TK” Taylor (Senior Product Manager) and Matt Kane (Senior Principal Systems Engineer) to discuss EmDash, a new CMS launched by Cloudflare as a modern, serverless alternative inspired by WordPress.Built on Astro and designed for today’s developer workflows, EmDash combines the familiarity of traditional CMS platforms with a modern architecture: serverless deployment, TypeScript throughout, and a plugin system designed to solve one of WordPress’s biggest challenges — security.The conversation explores why plugin vulnerabilities account for the vast majority of WordPress security issues, and how EmDash addresses that by running plugins in sandboxed Worker isolates with tightly scoped permissions. Matt and Matt also discuss how AI agents were used during development, why the project is MIT licensed, and how the CMS is designed from the ground up to work with AI agents through MCP and structured content.Later in the episode we see the EmDash playground, how WordPress sites can be imported in minutes, and how developers can start building plugins and extensions today.More info:Introducing EmDash — the spiritual successor to WordPress that solves plugin securityTry out the EmDash admin interface here: https://emdashcms.com/playground ⏱️ Timestamps00:45 — Intro: EmDash launch and April 1 announcement02:09 — What EmDash is and why Cloudflare built it04:07 — Why WordPress architecture struggles on modern infrastructure06:30 — Scaling storage, media, and modern hosting models07:00 — The plugin ecosystem: WordPress’s strength and weakness08:19 — Matt Taylor’s background in CMS and media platforms09:03 — Matt Kane’s work with Astro and Gatsby11:21 — How the idea for EmDash started inside the Astro community13:36 — Building the CMS with AI agents17:21 — Sandbox plugins with Cloudflare Dynamic Workers19:17 — Solving the plugin security problem22:16 — Why EmDash is MIT licensed25:52 — Early feedback from Yoast and the WordPress ecosystem27:05 — Designing a CMS for AI agents and MCP workflows30:43 — Demo: the EmDash playground and dashboard33:22 — Flexible content types and built-in SEO35:05 — Editing directly on the live page37:18 — Early community feedback and plugins already appearing39:03 — x402 and the future of agent-era monetization40:17 — SEO architecture and plugin extensibility41:43 — What’s next for EmDash

In this episode of This Week in NET, host João Tomé is joined by Michelle Chen from Cloudflare’s AI product team to discuss the rise of open models, the launch of Kimi 2.5 on Workers AI, and why enterprises are rethinking the cost of proprietary AI.Michelle explains how Cloudflare’s security team used Kimi to scan internal codebases and found more than 40 confirmed security issues — at a fraction of the cost of proprietary models. The conversation explores why open models are rapidly becoming competitive with closed alternatives, how Cloudflare builds efficiency with custom inference engines and prefix caching, and what the Replicate acquisition means for bring-your-own-model workflows on Workers AI.Later in the episode, we also hear from Dina Kozlov about Dynamic Workers and Code Mode (now in open beta), followed by another Women of Cloudflare segment with Alexandra Messe Rodriguez.⏱️ Timestamps00:00 — Cold open: Kimi finds 40+ security issues00:30 — Intro and Cloudflare blog highlights03:06 — Michelle Chen joins the show05:44 — The rise of open models and Kimi 2.507:14 — Finding 40+ security issues with AI10:40 — The real cost of running AI agents16:26 — Making inference efficient: caching, kernels, and architecture19:42 — Replicate and bring-your-own-model on Workers AI25:08 — Favorite AI use case: fashion e-commerce images29:05 — Dina Kozlov: Dynamic Workers and Code Mode33:13 — Women of Cloudflare: Alexandra Messe Rodriguez

In this episode of This Week in NET, host João Tomé is joined by Chema Alonso, Vice President and Head of International Development at Cloudflare.Chema shares how a 1998 paper on SQL injection launched his career in hacking, his path from running a startup in Madrid to becoming a Microsoft MVP for 14 years, and how he ended up leading cybersecurity at Telefónica for more than a decade — after telling them “you don’t have enough money to make me work for you.” He also explains why he left Telefónica in 2025 to join Cloudflare, and what surprised him about the company’s technical depth.The conversation explores how AI is changing cybersecurity, from AI agents competing in Capture-the-Flag contests to automated attack chains running around the clock. Chema also discusses the black market for zero-day vulnerabilities, Cloudflare’s role in Europe, and how AI may reshape the economics of the Internet.We also hear the story behind his famous beanie hat, a Bluetooth exploit that Apple initially called “a feature” until Steve Wozniak got involved and a quick-fire round covering his first computer, favorite hacks, admired researchers, and why Gemini once hallucinated that he went to jail.⏱️ Timestamps 01:00 — How SQL injection in 1998 started his career02:36 — From startup to Microsoft MVP to training Spain's cyber forces04:36 — Black Hat, Def Con, and the global hacking scene05:53 — How Telefonica recruited Chema08:49 — 20 years of daily blogging as "brain gym"10:27 — The beanie hat origin story14:34 — Why he left Telefonica to join Cloudflare17:41 — What customers are most worried about: AI security22:55 — Cloudflare's role in Europe: sovereignty, resilience, and growth26:58 — How AI is disrupting the Internet's business model28:44 — The evolution of hacking: from phreaking to AI agents37:42 — The Dirty Tooth iPhone Bluetooth exploit and Steve Wozniak41:39 — Quick-fire round: first computer, favorite hack, Kevin Mitnick43:58 — Google Gemini hallucinated that Chema went to jail46:49 — The future of the Internet and Cloudflare

In this episode of This Week in NET, Heather Orsi, Director of Strategic Finance & Investor Relations at Cloudflare, shares her unusual career path across finance, startups, and tech, and what it means to communicate Cloudflare’s story to investors and analysts.Heather talks about her first days at Cloudflare just after the IPO, what it takes to explain a highly technical company to Wall Street, and how finance, strategy, and storytelling come together in investor relations.This conversation is part of the Women of Cloudflare series for Women’s Empowerment Month.Check the Cloudflare Blog:https://blog.cloudflare.com🎧 Subscribe for weekly conversations about the Internet and Cloudflare:https://ThisWeekinNET.com⸻⏱️ Timestamps00:38 — From banking and startups to Cloudflare02:21 — Joining Cloudflare right after the IPO04:16 — Explaining a deeply technical company to investors06:31 — Communicating Cloudflare’s story to analysts08:51 — The role of investor relations inside a tech company11:16 — Being a woman in finance and tech13:11 — Advice for people starting a career in finance

In this episode of This Week in NET, host João Tomé is joined by Cloudflare’s new Chief Marketing Officer, Jeff Samuels, to explore how marketing is evolving in the age of AI.We discuss why brand still wins, how marketers are becoming “context engineers,” and how Cloudflare connects deep technical products to clear narratives that resonate with customers.We also touch on the role of real-world events like RSA Conference, where Cloudflare will be present, and why in-person moments still matter in an increasingly AI-driven, digital-first world.⏱️ Timestamps01:44 — News roundup (AI, policy, product updates)03:25 — Meet Jeff Samuels (Cloudflare CMO)04:07 — Background: startups, policy, global experience06:46 — From product to marketing mindset08:25 — Lessons from OpenDNS and Cisco11:47 — Marketing in tech: empathy and understanding systems13:27 — Lifecycle marketing and customer connection15:05 — Why Cloudflare (people, mission, opportunity)16:49 — Marketing as the “architect” of go-to-market18:38 — Brand vs demand20:48 — Events like RSA and why they still matter27:02 — AI and the shift to orchestration31:39 — What’s next for Cloudflare marketing34:02 — Quick fire: skills, mistakes, brand vs performance36:49 — Advice for marketers entering tech37:27 — One word for Cloudflare: opportunity

In this Women at Cloudflare segment for Women’s Empowerment Month, Sofia Cardita, Systems Engineer at Cloudflare, shares her journey from clinical psychology to engineering.Sofia explains how she transitioned into tech through self-learning and hands-on building, and how AI is changing the way engineers work today. She also reflects on observability, teamwork, and finding balance as an engineer.⏱️ Timestamps00:12 — Sofia Cardita: background and role at Cloudflare  00:49 — From psychology to engineering02:02 — Self-learning and building from scratch03:03 — What she enjoys about engineering (proudest projects)04:18 — Observability and understanding systems04:59 — Advice for getting started05:07 — AI as a learning tool05:55 — Going deeper despite AI06:10 — Using AI in daily workflows07:02 — Productivity: rest, focus, and balance

In this episode of This Week in NET, host João Tomé is joined by Warnessa Weaver (Senior Product Manager) and Yumna Moazzam (Senior Product Marketing Manager) to break down Cloudflare’s SASE blog takeover week and what it means for enterprise security.Cloudflare One is evolving into an agile, composable, and programmable SASE platform, built natively on Cloudflare’s global network spanning 300+ cities. The conversation explores how organizations can modernize remote access, secure AI adoption, and replace legacy architectures that often take 18 months to deploy with migrations completed in 4–6 weeks.The episode covers:• Post-quantum encryption now in GA for Cloudflare One• Deepfake defense through a new Nametag partnership• Adaptive access with user risk scoring and signals from CrowdStrike and SentinelOne• Programmable gateway policies using Cloudflare Workers• DLP visibility for Microsoft 365 Copilot, ChatGPT, Gemini and more• Clipboard controls for browser-based RDP sessions• Closing the boot-to-login security gap with the Cloudflare One client• CASB remediation for Microsoft 365 and Google WorkspaceThe episode also includes a run-through of other recent Cloudflare blog posts, including AI Security for Apps (now GA), slashing agent token costs by 98% with RFC 9457, Nvidia Nemotron 3 Super on Cloudflare, and a new stateful API vulnerability scanner.Check the Cloudflare Blog:https://blog.cloudflare.com/tag/sase⏱️ Timestamps00:37 — Blog run-through: AI Security for Apps, RFC 9457 agent errors, API vulnerability scanner02:17 — Nvidia Nemotron 3 Super on Cloudflare03:29 — What is agile SASE and Cloudflare One?05:44 — Composability and programmability explained07:53 — Built on Cloudflare’s global network vs legacy vendors09:07 — The truly programmable SASE platform10:04 — Custom gateway policies with Cloudflare Workers12:16 — Post-quantum encryption in Cloudflare One13:14 — Harvest now, decrypt later14:34 — Boot-to-login security with the Cloudflare One client17:35 — Independent MFA in Cloudflare Access19:13 — Deepfake defense and Nametag partnership22:15 — User risk scoring and adaptive access25:26 — Data security: DLP, CASB, and browser-based RDP27:21 — Microsoft 365 Copilot visibility29:05 — Partner stories: TachTech and Adapture33:09 — Zero Trust onboarding with Terraform35:25 — Key takeaways

In this episode of This Week in NET, host João Tomé is joined by Cloudflare threat intelligence experts Brian Carter and Chris Peacey to break down the 2026 Cloudflare Threat Report and what it reveals about today’s cyber threat landscape.We discuss how threat intelligence helps organizations prioritize risks, how attackers are increasingly leveraging automation and AI tools, and why botnets, supply-chain attacks, and credential-theft campaigns continue to evolve.The conversation explores how attackers gain initial access, how criminal ecosystems operate across infrastructure providers and services, and how AI is beginning to influence reconnaissance, social engineering, and large-scale campaigns.We also examine geopolitical dimensions of cyber operations, the growing sophistication of phishing and identity attacks, and the role of threat intelligence in helping defenders anticipate and mitigate attacks before they escalate.Check the full 2026 Cloudflare Threat Report⏱️ Timestamps00:12 — Introduction: Special 2026 Threat Report edition00:58 — Threat Intelligence: Helping organizations prioritize defense01:53 — Global Trends: Identity weaponization and hyper-volumetric attacks04:44 — Record-breaking DDoS: Attack volume doubled from 2024 to 202505:40 — AI and cybercrime: shrinking the time from access to data theft08:10 — Living off the Cloud: Malware hidden inside Google Calendar and OneDrive10:43 — State-sponsored evolution: Cyber activity linked to the Ukraine war11:28 — Persistent espionage: Chinese and Iranian state actors13:56 — Industrialized cybercrime: Effectiveness over elegance16:35 — The recruitment attack: Deepfakes in remote hiring processes19:01 — Laptop farms: North Korean operators inside Western companies21:28 — Detecting AI interviewees and “digital tics”23:13 — Token theft: How attackers bypass MFA protections25:40 — Human-in-the-loop phishing: Building trust before the payload27:54 — Infrastructure rug-pulling: The “Nasty Shrew” campaign31:52 — Advice for CISOs: Managing third-party integration risks33:55 — Disrupting the chain: Neutralizing 400+ malicious domains in 2025

In this episode of This Week in NET (the second this week focused on building with AI), host João Tomé is joined by Steve Faulkner, Engineering Director at Cloudflare, to discuss how he rebuilt a Next.js-compatible framework in just one week using AI. The project, called vinext, began as an experiment and evolved into a working proof of concept.We explore what AI-first development looks like in practice, how coding agents were used to rewrite and test large API surfaces, and what happens when you treat dependencies as something you can regenerate rather than maintain manually.The results were surprising: faster local builds, smaller bundles, deployment to Workers with a single command, and a total AI token cost of roughly $1,100.We also discuss:• Using voice-to-code workflows (SuperWhisper + local models)• AI reviewing code multiple times• Whether AI-assisted rebuilds will become common• What this means for 2026 and beyondMentioned blog posts:How we rebuilt Next.js with AI in one week⏱️ Timestamps 0:12 — Introduction: the latest on the Cloudflare blog (monitoring post-quantum encryption and ASPA routing; JavaScript Streams — why we deserve a better API)3:22 — Steve’s role and Workers platform overview4:34 — How the idea came to be6:11 — When AI tools became “good enough”7:13 — Tooling setup: OpenCode, Claude, parallel agents9:03 — AI beyond coding: management and markdown workflows10:58 — What AI-first development actually means12:03 — Performance gains: 4x faster builds, 57% smaller bundles14:11 — ~$100 in tokens: the real cost15:35 — Deploying to Workers with one command17:25 — Community feedback and early adoption19:09 — Will AI rebuild other frameworks?20:25 — Voice-to-code workflows (SuperWhisper, Parakeet)23:31 — Traffic-Aware Pre-Generation (TPR) explained25:23 — Production caution and security26:19 — How to get started (use AI to migrate your app)27:12 — The big takeaway: AI is changing how we build software

In this episode of This Week in NET, host João Tomé is joined by Matt Curry to break down Code Mode: a way to give AI agents access to the entire Cloudflare API (2,500+ endpoints) using two tools and roughly ~1,000 tokens of context.  Instead of exposing thousands of individual tools (which quickly becomes expensive and brittle), Code Mode lets the model write JavaScript to search and execute against a compact API context. The result is massive compression, lower cost, and better performance.We also include demos showing how agents can query real infrastructure, navigate multiple accounts, and build things like multiplayer experiences using Durable Objects and WebSockets.⏱️ Timestamps 0:53 — Intro: agents, MCP, tokens, and what Code Mode means2:53 — Why exposing 2,500+ endpoints as tools doesn’t scale6:49 — How Code Mode works: generate an SDK and let the model write code9:57 — Demo: querying deployed Workers and infrastructure14:37 — Multiplayer with Durable Objects (live demo “wow” moment)24:32 — Compression stats: 2 million tokens → ~1,000 tokens27:26 — Code Mode SDK v2 and wrapping your own APIs31:52 — The Sandbox: running untrusted code safely38:03 — What’s next: progressive disclosure and MCP evolutionMentioned blog posts:Code Mode: give agents an entire API in 1,000 tokens

In this episode, host João Tomé is joined by Celso Martinho, VP of Engineering at Cloudflare, to discuss two major launches: Markdown for Agents and Moltworker (for OpenClaw) — and what they signal about the future of AI agents on the Internet.Celso explains how Markdown for Agents was conceived, built, and shipped in just one week, why AI systems prefer markdown over HTML, and how converting a typical blog post from 16,000 HTML tokens to roughly 3,000 markdown tokens can reduce cost, improve speed, and increase accuracy for AI models. We also explore Moltworker, a proof-of-concept showing how a personal AI agent originally designed to run on a Mac Mini can instead run on Cloudflare’s global network using Workers, R2, Browser Rendering, AI Gateway, and Zero Trust.We discuss observability for AI crawlers, new monetization models for publishers, the rapid growth of agent ecosystems, and why AI is becoming less hype and more infrastructure.Mentioned blog posts:Introducing Markdown for AgentsIntroducing Moltworker: a self-hosted personal AI agent, minus the minis⏱️ Timestamps1:15 — Introducing Markdown for Agents1:46 — From idea to ship in one week2:37 — Why AI systems prefer markdown over HTML3:30 — HTML “packaging” vs semantic content4:39 — How Cloudflare converts HTML to markdown in real time5:19 — Token savings: 16,000 vs 3,000 tokens6:29 — Context windows, cost, and AI efficiency8:21 — Tracking markdown trends in Cloudflare Radar9:05 — Live demo: content negotiation header with curl11:07 — AI projects in Lisbon: AI Search, PaperCrawl, and more12:36 — Observability and new monetization models for publishers13:56 — What is OpenClaw and why it went viral14:54 — From Hacker News to Cloudflare in hours17:06 — Running OpenClaw on Cloudflare instead of a Mac Mini18:05 — Why this is a proof of concept (not a product)20:06 — Architecture: Zero Trust, Workers, R2, Browser Rendering, AI Gateway22:32 — Demo: AI agent records and posts a video automatically24:53 — 10,000 GitHub stars and open source support26:11 — AI in 2026: intensifying work, not replacing it

In this episode of This Week in NET, host João Tomé is joined by Emily Hancock, Cloudflare’s Chief Privacy Officer and Data Protection Officer, for a wide-ranging conversation about privacy in 2026 and how the role has evolved in the age of AI.Emily explains how privacy officers shifted from GDPR compliance to broader data governance, responsible AI practices, cybersecurity collaboration, and cross-border data frameworks. We explore privacy by design, data minimization, vendor risk, government requests, warrant canaries, digital sovereignty, insider threats, and how AI is reshaping both attacker and defender capabilities.We also discuss Cloudflare’s approach to responsible AI, how teams use internal controls to avoid misuse of customer data, and why “human in the loop” remains essential for accuracy, safety, and trust.Check the Cloudflare Blog: blog.cloudflare.com1:53 — Blogs roundup 3:58 — How the CPO role has evolved since GDPR7:04 — From GDPR to AI governance9:46 — Privacy + cybersecurity: breaches, notifications, preparedness14:08 — “Fire doors” and incident containment14:56 — Privacy by design & data minimization20:07 — Government requests, due process, and transparency22:08 — Warrant canaries & what Cloudflare will never do23:17 — Digital sovereignty: localization and global differences26:25 — Data Localization Suite & Metadata Boundary28:06 — AI and privacy: rules, training, customer protections29:35 — Cloudflare’s AI principles31:32 — AI sovereignty & running inference close to users32:19 — “AI as an intern”: accuracy and human review34:31 — Protecting personal data when using AI36:20 — What’s coming in 2026: regulation & fragmentation38:37 — Insider threats & Zero Trust40:33 — Emily’s privacy wish list for 2026

In this episode, David Belson — Cloudflare’s Head of Data Insights — joins us to walk through the biggest Internet disruptions of late 2025 and early 2026.At the start, we also highlight several new posts on the Cloudflare Blog: Moltworker, a self-hosted personal AI agent built with OpenClaw (former MoltBot and ClawdBot) and Cloudflare’s Developer Platform; Post-Quantum Matrix Homeserver, a proof-of-concept encrypted messaging server running entirely on Cloudflare Workers; Route Leak Incident (Jan 22), what happened in Miami and how routing policy safeguards are being improved; Google’s AI Advantage, why crawler separation is needed for fair competition and better protection for publishers.We then go into the major Internet trends, including the storm-related disruption in three regions in Portugal this week. Our main focus is the government-directed nationwide shutdown in Iran. Then we also go over Q4 2025 disruptions: repeated weather-driven outages across Africa and the Caribbean, submarine cable failures, DNS anomalies, and the persistent risk of centralized points of failure. David also explains how Starlink’s global footprint is reshaping Radar visibility — and why the Internet remains remarkably resilient despite a turbulent quarter.Mentioned blog posts: Cable cuts, storms, and DNS: a look at Internet disruptions in Q4 2025Introducing Moltworker: a self-hosted personal AI agent, minus the minisRoute leak incident on January 22, 2026Building a serverless, post-quantum Matrix homeserver⏱️ Timestamps0:30 — Weekly blog roundup (Moltworker, Route Leak, Google’s AI Advantage)4:13 — Storm impact in Portugal: what Radar saw in Leiria, Santarém, and Coimbra11:55 — Iran’s multi-week Internet shutdown: scale, signals, and how it unfolded18:15 — The “National Information Network”: partial access, allowlisting, and blocked services21:24 — Power vs. connectivity: how electricity failures show up as Internet outages22:33 — Q4 global round-up: Jamaica, Sri Lanka, Indonesia, and cyclone-driven disruptions30:32 — Technical failures: ISP issues, DNS problems, routing mistakes, and what Radar detects33:47 — The future of Radar: Starlink visibility, provider-level metrics, and disruption heat maps

In this first 2026 edition of This Week in NET, João Tomé is joined by Patrick Day from Cloudflare’s Impact & Policy team to break down the recently released Cloudflare Impact Report — including how Cloudflare supports elections, protects journalists, advances Internet standards, and expands access to secure AI infrastructure.At the start, we also go over some of our recent blog posts:• Acquisitions: Astro and Human Native join the Cloudflare ecosystem.• Technical Deep Dive: How a small DNS optimization in 1.1.1.1 exposed a decades-old ambiguity in early Internet standards.• Global Trends: A severe government-directed Internet shutdown in Iran and BGP anomalies observed in Venezuela.Mentioned topics:Cloudflare Impact ReportThe Cloudflare Blog

In this end-of-year episode of This Week in NET, host João Tomé is joined by Omer Yoachimik, Senior Product Manager for DDoS Protection at Cloudflare, to break down the realities of the 2025 DDoS threat landscape — and what’s coming next.They discuss how DDoS attacks reached previously “theoretical” scales in 2025, including record-breaking 31 Tbps attacks, the rise of massive botnets like Aisuru, and how geopolitical events increasingly shape cyber activity. Omer explains why traditional scrubbing-center defenses are becoming obsolete, how Cloudflare’s autonomous, globally distributed mitigation works, and why automation and real-time intelligence are now essential.The conversation closes with practical advice for organizations, common myths about DDoS risk, and what to expect in 2026 as attacks grow larger, faster, and more sophisticated.DDoS threats related blog posts: https://blog.cloudflare.com/tag/ddos/

In this special Year in Review episode of This Week in NET, host João Tomé is joined by David Belson to break down the Cloudflare Radar 2025 Year in Review.Together, they explore what Cloudflare’s global network reveals about how the Internet evolved over the past year — from the rapid rise of AI crawlers and agent traffic, to record-breaking DDoS attacks, the spread of post-quantum encryption, and the growing impact of government-directed shutdowns and outages.The conversation looks at Internet resilience, security trends, and performance across countries, as well as what changed in Internet services, mobile platforms, and connectivity in 2025, and what these signals might tell us about 2026.Explore the full Radar Year in Review microsite.Read the related blog posts on the Cloudflare Blog:The 2025 Cloudflare Radar Year in Review: The rise of AI, post-quantum, and record-breaking DDoS attacksChatGPT's rivals, Kwai's quiet rise: the top Internet services of 2025

In this short episode of This Week in NET, Craig Dennis, Senior Developer Educator for AI at Cloudflare, explains why Replicate is joining Cloudflare, and what that means for developers building with AI.Replicate is widely known for making it easy to run thousands of high-quality AI models, from image generation and video to audio and language models, all through a simple, developer-friendly API. Craig breaks down why Replicate became such an important part of the AI ecosystem, and how bringing it into Cloudflare helps make Workers the best place to build and deploy AI and agentic workflows.And there’s a bonus: we’re giving away Replicate credits so you can try models yourself. Stay tuned to the episode to learn how to get access and start experimenting.Mentioned blog posts:Why Replicate is joining Cloudflare

In this episode of This Week in NET, we talk with Daniele Molteni, Director of Product Management for Cloudflare’s WAF, about how Cloudflare responded within hours to a newly disclosed React Server Components vulnerability — deploying global protection before the public advisory was even released.That speed matters. In just the first 11 days after disclosure, Cloudflare observed more than 1 billion exploitation attempts related to React2Shell, with sustained pressure averaging over 4 million hits per hour, and peaks far higher. Threat actors quickly integrated the vulnerability into large-scale scanning and reconnaissance, targeting even critical infrastructure. If you run React, upgrading is urgent.Daniele explains how WAF rules are built, how new payload logging improvements help customers understand real attack traffic, and what’s coming next in 2026 — including Firewall for AI, fraud detection, and safer, gradual rule rollouts.To close the episode, Systems Engineer Steve James gives a hands-on demo of a real-time multiplayer chess app running inside ChatGPT, built with the Agents SDK and Cloudflare Workers.Mentioned blog posts:React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniquesCloudflare WAF proactively protects against React vulnerabilityGet better visibility for the WAF with payload logging

In this episode of This Week in NET, host João Tomé sits down with Stephanie Cohen, Cloudflare’s Chief Strategy Officer, for a candid conversation about AI, content creators, financial services, partnerships, and the future of the Internet.Stephanie shares how Cloudflare is helping keep the Internet open and resilient — from giving creators transparency and control over AI scraping, to enabling new models of agentic commerce through partnerships with Visa and Mastercard, to empowering organizations of all sizes through Cloudflare’s global network.The conversation also explores the rise of Agentic Commerce, where AI agents can complete secure payments on behalf of users. Stephanie explains how this shift is emerging, why trust and standards matter, and how Cloudflare is working with key financial institutions to make it safe.They also discuss what innovation looks like inside large companies, how AI is reshaping industries, and why Cloudflare sees itself as an enabler for both creators and the long tail of innovators.

Cloudflare Principal Network Engineer Tom Strickx joins This Week in NET to explain what really keeps the Internet running. From anchors cutting submarine cables to automation detecting bad Internet weather, Tom shares an inside look at how one of the world’s largest networks operates — and why human trust still matters in keeping the Internet alive.We talk about:How Cloudflare’s global network evolved since 2017The hidden fragility of the Internet (and why it still works)Routing leaks, Anycast, and automationAI’s growing role in network reliabilityWhat it’s like inside real data centersSubscribe for more weekly conversations on Internet trends, infrastructure, and technology:ThisWeekinNET.com