All news with #cloudflare tag

🔒 Cloudflare has simplified access to its CSAM Scanning Tool by removing the prior requirement for National Center for Missing and Exploited Children (NCMEC) credentials. The tool relies on fuzzy hashing to create perceptual fingerprints that detect altered images with high confidence. Since the change in February, monthly adoption has increased sixteenfold. Detected matches result in blocked URLs and owner notifications so site operators can remediate.

🔐 Cloudflare's Automatic SSL/TLS now upgrades origin-facing encryption by default, having strengthened over 6 million domains without operator intervention. The system scans origins, verifies content and certificates, then gradually ramps stronger SSL/TLS modes from 1% to 100% of traffic, aborting safely on failures. This prepares sites for the post-quantum era by favoring hybrid key agreements (X25519 + ML-KEM) and will soon automate post-quantum handshakes and ad-hoc rescans.

🛡️ Cloudflare proposes five practical principles to guide responsible AI bot behavior and protect web publishers, users, and infrastructure. The framework stresses public disclosure, reliable self-identification (moving toward cryptographic verification such as Web Bot Auth), a declared single purpose for crawlers, and respect for operator preferences via robots.txt or headers. Operators must also avoid deceptive or high-volume crawling, and Cloudflare invites multi-stakeholder collaboration to refine and adopt these norms.

🛡️ Cloudflare introduced the Content Signals Policy, an extension to robots.txt that lets site operators express how crawlers may use content after it has been accessed. The policy defines three machine-readable signals — search, ai-input, and ai-train — each set to yes/no or left unset. Cloudflare will add a default signal set (search=yes, ai-train=no) to managed robots.txt for ~3.8M domains, serve commented guidance for free zones, and publish the spec under CC0. Cloudflare emphasizes signals are preferences, not technical enforcement, and recommends pairing them with WAF and Bot Management.

🔐 Cloudflare's WARP client now supports post-quantum key agreement across both consumer (1.1.1.1) and enterprise (Cloudflare One Agent) offerings, tunneling traffic over MASQUE with hybrid post-quantum/classical ciphersuites. The upgrade provides immediate protection against harvest-now-decrypt-later attacks by wrapping user traffic in post-quantum MASQUE tunnels even when individual connections inside the tunnel are not yet PQ-protected. Cloudflare staged the rollout with temporary downgrades, phased population enablement, and an MDM override to balance robustness and downgrade-resistance while meeting FIPS/FedRAMP constraints.

🌐Cloudflare is prototyping a SaaS-to-SaaS proxy that consolidates SaaS connections through a single front door to improve monitoring, detection, and response. Two deployment models are proposed: a customer-controlled vanity hostname proxy that returns visibility to data owners, and a vendor-side reverse proxy that strengthens platform security. Both approaches use key splitting to avoid persisting full bearer tokens and enable instant revocation. Cloudflare is seeking feedback and offering early access.

🚨 Cloudflare reported that it mitigated a massive volumetric DDoS attack that peaked at 22.2 Tbps and 10.6 billion packets per second, lasting roughly 40 seconds. The traffic surge equated to streaming about one million 4K videos simultaneously and generated a packet rate roughly equal to 1.3 web page refreshes per person on Earth. Such extreme packet velocities strain firewalls, routers, and load balancers even where aggregate bandwidth may be handled. Cloudflare has provided limited technical detail on this and recent record attacks.

🔍 Check Point Research reports that Iranian-linked actor Nimbus Manticore has escalated cyber-espionage operations across Western Europe, with heightened targeting of organizations in Denmark, Sweden and Portugal. Attackers impersonate recruiters and use convincing fake career portals to deliver personalized credentials and malicious archives. The campaign leverages evolved backdoors—first seen as Minibike, now observed as MiniJunk and MiniBrowse—and employs multi-stage DLL sideloading into legitimate Windows binaries, including Microsoft Defender components, alongside valid code-signing certificates and compiler-level obfuscation to evade detection. Infrastructure hosted via Azure App Service and shielded by Cloudflare provides redundancy and rapid command-and-control recovery.

🚨 Cloudflare is introducing per-customer machine learning models that build dynamic baselines of legitimate traffic and detect behavioral anomalies to stop sophisticated, AI-driven scraping. The system ingests zone-level data to identify patterns like sequential page traversal or automated API access and then emits actionable outputs such as new Bot Detection IDs and adjustments to the Bot Score. Early beta results show hundreds of millions of flagged requests, and the capability will be available through Super Bot Fight Mode and Enterprise Bot Management.

🔒 Cloudflare today launched Application Confidence Scorecards, a new capability in the Cloudflare One SASE suite that automates safety and trust assessments for AI and SaaS applications. The feature combines an Application Posture Score and a Gen‑AI Posture Score to surface certifications, data‑management practices, security controls, and vendor maturity. Cloudflare crawls trust centers and public policies, uses LLMs for structured extraction and source validation, and pairs automated scoring with analyst review to reduce errors. Scores appear in the Application Library and can inform policy enforcement, warnings, or blocks so teams can reduce Shadow AI risk without manual audits.

🔧 Cloudflare announced financial sponsorships for two key open-source frontend projects, Astro and TanStack. The company is partnering with Webflow to support Astro and with Netlify to support TanStack, creating a coalition of contributors to bolster project sustainability. Cloudflare runs its developer documentation on Astro, citing its “zero JS by default” model and framework-agnostic approach as essential for fast, SEO-friendly docs. The announcement also highlights TanStack’s libraries and the release candidate for TanStack Start as strategic investments for building ambitious, type-safe web applications.

💳Cloudflare is partnering with Coinbase to form the x402 Foundation and to ship developer support for the x402 protocol, enabling machine-to-machine payments on the web. The announcement introduces a proposed deferred payment scheme that decouples cryptographic commitment from settlement, tailored to agentic use cases like pay-per-crawl. Developers can experiment with x402 today via Cloudflare's Agents SDK, MCP integrations, and a live x402 playground funded with Testnet USDC.

🛡️ Cloudflare is extending Project Galileo to include Bot Management and AI Crawl Control, giving participating journalists, independent publishers, and non-profits free tools to monitor and manage AI crawlers. These services help distinguish legitimate search crawlers from AI scrapers, analyze crawler behavior by type and provider, and apply tailored rules to protect content. The goal is to help news organizations preserve traffic, protect intellectual property, and negotiate fair compensation with AI companies.

🚀 Cloudflare will open select office locations as free coworking hubs for early-stage companies beginning January 2026. The pilot will allow a capped number of external visitors on select days in San Francisco, Austin, London, and Lisbon, with registration coordinated through the Cloudflare for Startups program. Visitors will have access to common spaces at no cost, with simple ground rules and cohort-based scheduling—no mandatory talks or obligations.

🚀 Cloudflare’s Workers Launchpad helps startups build and scale by providing cloud credits, technical mentorship, and direct access to product teams. Since expanding to a $2B funding commitment, the program has supported 145 startups across 23 countries, spanning AI, developer tools, and infrastructure. Cohort #6 introduces a new slate of founders and emphasizes hands-on collaboration, community, and pathways to funding and acquisition.

🚀Cloudflare will hire up to 1,111 interns in 2026 across global hub offices to accelerate the creative application of AI and broaden its talent pipeline. Interns will be embedded on cross-functional teams—from engineering and product to marketing, legal, and finance—and are expected to deliver concrete, customer-facing work. Positions are paid, typically 12 weeks in length, with hybrid in-office attendance and dedicated mentors. Software engineering applicants can be fast-tracked by submitting an AI-powered project built on Cloudflare.

🚀 Cloudflare has opened its Startup program to registered non-profit, civil society, and public interest organizations, offering up to $250,000 in credits to support developer and core services. Eligible groups can use credits for databases & storage, compute, AI, media, and performance and security tools. Applications are open now through December 1, 2025; awards will be made based on project description, technical needs, and expected impact. Applicants must be a registered 501(c)(3) or equivalent and describe the tool they plan to build or scale.

🚀 Cloudflare is offering 12 months of its paid Developer features free to eligible US students with a verified .edu billing email. The program expands usage allotments for Workers, Pages Functions, KV, Durable Objects, Hyperdrive, Workers Logpush, and Queues so students can build APIs, full‑stack apps, and data pipelines without immediate cost. Eligible accounts also gain access to a dedicated student Discord community and clear redemption steps for new and existing .edu accounts.

🔧 Cap'n Web is a compact, open-source RPC protocol and TypeScript implementation designed for the modern web stack. It provides an object-capability model with bidirectional calls, function and object references, and promise pipelining while using human-readable JSON for transport. The library runs in browsers, Node.js, and Cloudflare Workers, ships as a sub-10KB minified bundle, and integrates with TypeScript tooling. It's experimental but already used inside Cloudflare and released under the MIT license.

🌐 Cloudflare announced sponsorships for two independent open-source projects: Ladybird, a browser built from scratch with new LibWeb and LibJS engines, and Omarchy, an opinionated Arch Linux setup for developers. The company frames its contributions as unconditional, aimed at preserving diversity, privacy, security, and performance across client and developer tooling. Both projects are early-stage, invite community contributions, and may influence broader web platform standards and developer workflows.