Latest news with #Cloudflare
Engadget
2 hours ago
- Business
- Engadget
Cloudflare CEO says people aren't checking AI chatbots' source links
Companies that develop generative AI always make it a point to say that they include links to websites in the answers that their chatbots generate for users. But Cloudflare CEO Matthew Prince has revealed to Axios that search traffic referrals keep plummeting. Publishers are facing an existential threat, he said, because people aren't clicking through those chatbot links and are relying more and more on AI summaries without digging deeper. Prince told Axios that 10 years ago, Google sent a publisher one visitor for every two pages it had crawled. Six months ago, the ratio was one visitor for every six pages, and now it's one for every 18. OpenAI sent one visitor to a publisher for every 250 pages it crawled six months ago, while Anthropic sent one visitor for every 6,000 pages. These days, OpenAI sends one visitor to a publisher for every 1,500 pages, whereas Anthropic sends one visitor for every 60,000 pages. People have come to trust AI chatbots more over the past few months. The problem for publishers is that they don't earn from advertisements if people don't click through links leading to their websites, and that's why Prince is encouraging them to take action to make sure they're fairly compensated. Prince said Cloudflare is currently working on a tool to block bots that scrape content for large language models even if a web page already has a "no crawl" instruction. If you'll recall, several outlets had reported in 2024 that AI companies have been ignoring websites' Robots Exclusion Protocol, or files and taking their content anyway to train their technologies. Cloudflare has been looking for ways to block scrapers since last year. But it was only in March when Cloudflare officially introduced AI Labyrinth, which uses AI-generated content to "slow down, confuse, and waste the resources of AI Crawlers and other bots that don't respect 'no crawl' directives." It works by linking an unauthorized crawler a series of AI-generated pages that are convincing enough but don't actually have the contents of the site the tool it's protecting. That way, the crawler ends up wasting time and resources. "I go to war every single day with the Chinese government, the Russian government, the Iranians, the North Koreans, probably Americans, the Israelis, all of them who are trying to hack into our customer sites," Prince said. "And you're telling me, I can't stop some nerd with a C-corporation in Palo Alto?"
Techday NZ
13 hours ago
- Techday NZ
Cloudflare thwarts record 7.3 Tbps DDoS attack with automation
Cloudflare has confirmed it recently mitigated what it describes as the largest distributed denial-of-service (DDoS) attack ever publicly disclosed, clocking in at 7.3 terabits per second (Tbps), surpassing previous known records. The attack, which occurred in mid-May 2025, targeted a hosting provider customer utilising Cloudflare's Magic Transit service for network defence. According to Cloudflare data, this incident follows closely on the heels of attacks recorded at 6.5 Tbps and 4.8 billion packets per second, illustrating that DDoS attacks are continuing to increase in both scale and complexity. Cloudflare stated that the 7.3 Tbps attack was 12% larger than its previous record and 1 Tbps greater than another recent attack reported by security journalist Brian Krebs. Attack analysis The 7.3 Tbps DDoS attack delivered a total of 37.4 terabytes of data within a 45-second window. During the attack, the targeted IP address was bombarded across an average of 21,925 destination ports, reaching a peak of 34,517 destination ports per second. The distribution of source ports mirrored this targeting method. The attack employed several vectors but was dominated by UDP floods, constituting 99.996% of total traffic. The residual traffic, amounting to 1.3 GB, involved QOTD reflection, Echo reflection, NTP reflection, Mirai UDP floods, Portmap flood, and RIPv1 amplification techniques. Each vector was identified and catalogued, with Cloudflare detailing how organisations could protect both themselves and the broader Internet from such forms of abuse. Cloudflare explained that the UDP DDoS component worked by sending large volumes of UDP packets to random or specific destination ports, either to saturate the Internet link or overwhelm network appliances. Other vectors, such as the QOTD (Quote of the Day), Echo, NTP, Portmap, and RIPv1, exploited vulnerabilities in legacy protocols and services to reflect and amplify attack traffic onto target systems. Global scale The attack was notable for its global reach. Traffic originated from more than 122,145 source IP addresses across 5,433 autonomous systems in 161 countries. Nearly half of the attack traffic came from Brazil and Vietnam, accounting for around twenty-five percent each. The remainder was largely attributable to sources in Taiwan, China, Indonesia, Ukraine, Ecuador, Thailand, the United States, and Saudi Arabia. At an autonomous system level, Telefonica Brazil (AS27699) contributed 10.5% of attack traffic, with Viettel Group (AS7552), China Unicom (AS4837), Chunghwa Telecom (AS3462), and China Telecom (AS4134) among the other major sources. The attack saw an average of 26,855 unique source IP addresses per second, peaking at 45,097. Technical response Cloudflare utilised the global anycast architecture to divert and dissipate the massive influx of traffic. As packets arrived at Cloudflare's network edge, they were routed to the closest data centre. This incident was managed across 477 data centres in 293 locations worldwide, with some regions operating multiple facilities due to traffic volume. Detection and mitigation were handled by Cloudflare's automated systems, which operate independently in each data centre. The Cloudflare global network runs every service in every data centre. This includes our DDoS detection and mitigation systems. This means that attacks can be detected and mitigated fully autonomously, regardless of where they originate from. Upon arrival, data packets were intelligently distributed to available servers where they were sampled for analysis. Cloudflare employed the denial of service daemon (dosd), a heuristic engine that reviews packet headers and anomalies for malicious patterns. The system then generated multiple permutations of digital fingerprints specific to the attack, seeking patterns that maximised blocking efficacy while minimising impact on legitimate traffic. Within data centres, real-time intelligence was shared by servers multicasting fingerprint information, refining mitigation on both a local and global scale. When a fingerprint surpassed predefined thresholds, mitigation rules were compiled and deployed as extended Berkeley Packet Filter (eBPF) programs to block the offending traffic. Once the attack ceased, associated rules were removed automatically. Botnet feed and future mitigation Cloudflare also maintains a free DDoS Botnet Threat Feed to help Internet service providers and hosting companies identify malicious traffic originating within their own infrastructure. The company said that over 600 organisations have subscribed to this service, allowing them to receive up-to-date lists of offending IP addresses engaged in DDoS attacks. Recommendations from Cloudflare emphasise tailored defences to address the unique characteristics of each network or application, with care taken to ensure that mitigation steps do not inadvertently disrupt legitimate traffic, particularly for services that depend on UDP or legacy protocols. Cloudflare's team highlighted that these successful defences occurred entirely without human intervention, alerting, or incident escalation, underscoring the shift towards fully autonomous, distributed mitigation strategies in response to modern DDoS threats.
Tahawul Tech
16 hours ago
- Business
- Tahawul Tech
Cloudflare celebrates the 11th anniversary of its iconic free cybersecurity program Galileo
Cloudflare commemorates the 11th anniversary of Project Galileo, its flagship initiative delivering free cybersecurity protection to at‑risk public‑interest organizations across the globe. Since launching in June 2014, the program has defended journalists, human‑rights groups, independent media, environmental activists, and others working on the frontlines of democracy, civil society, and environmental justice. Highlights of Project Galileo's Eleventh Year: An interactive Cloudflare Radar report providing insights into the cyber threats faced by at-risk public interest organizations protected under the project. An expanded commitment to digital rights in the Asia-Pacific region with two new Project Galileo partners. New stories from organizations protected by Project Galileo working on the frontlines of civil society, human rights, and journalism from around the world. Tracking and reporting on cyberattacks with the Project Galileo 11th anniversary Radar report To mark Project Galileo's 11th anniversary, Cloudflare published a new Radar report that shares data on cyberattacks targeting organizations protected by the program. It provides insights into the types of threats these groups face, with the goal of better supporting researchers, civil society, and vulnerable groups by promoting the best cybersecurity practices. Key insights include: A growing trend in DDoS attacks against these organizations, becoming more common than attempts to exploit traditional web application vulnerabilities. Between May 1, 2024, to March 31, 2025, Cloudflare blocked 108.9 billion cyber threats against organizations protected under Project Galileo. This is an average of nearly 325.2 million cyber attacks per day over the 11-month period, and a 241% increase from our 2024 Radar report. Journalists and news organizations experienced the highest volume of attacks, with over 97 billion requests blocked as potential threats across 315 different organizations. The peak attack traffic was recorded on September 28, 2024. Ranked second was the Human Rights/Civil Society Organizations category, which saw 8.9 billion requests blocked, with peak attack activity occurring on October 8, 2024. Cloudflare onboarded the Belarusian Investigative Center, an independent journalism organization, on September 27, 2024, while it was already under attack. A major application-layer DDoS attack followed on September 28, generating over 28 billion requests in a single day. Many of the targets were investigative journalism outlets operating in regions under government pressure (such as Russia and Belarus), as well as NGOs focused on combating racism and extremism, and defending workers' rights. Tech4Peace, a human rights organization focused on digital rights, was targeted by a 12-day attack beginning March 10, 2025, that delivered over 2.7 billion requests. The attack saw prolonged, lower-intensity attacks and short, high-intensity bursts. This deliberate variation in tactics reveals a coordinated approach, showing how attackers adapted their methods throughout the attack. The full Radar report includes additional information on public interest organizations, human and civil rights groups, environmental organizations, and those involved in disaster and humanitarian relief. The dashboard also serves as a valuable resource for policymakers, researchers, and advocates working to protect public interest organizations worldwide. Global partners are the key to Project Galileo's continued growth Partnerships are central to the success of Project Galileo. Cloudflare relies on a network of 56 trusted civil society organizations around the world to identify and support groups that would benefit from its cybersecurity protection. With the help of these partners, the company continues to expand its reach, delivering vital tools and resources to communities most in need of digital defense. Continuing Support for Vulnerable Groups Worldwide In 2025, many of Cloudflare's Project Galileo partners have faced significant funding cuts, impacting their ability to support communities, defend human rights, and uphold democratic values. Amid these financial and logistical challenges, maintaining protection for these essential services has become more critical than ever. Cloudflare expresses gratitude to its civil society partners who continue to play a vital role in identifying at-risk organizations in need of support. Together, they are working toward a more secure, resilient, and open Internet for all. To learn more about Project Galileo and its global impact, visit Project Galileo case studies can be found here.
Yahoo
17 hours ago
- Business
- Yahoo
Should You Buy, Sell or Hold NET Stock After a 68.5% YTD Surge?
Cloudflare NET has enjoyed a remarkable 68.5% surge in the year-to-date period, outperforming the Zacks Internet - Software industry's return of 12.9%. With such a stellar performance, investors are left wondering — should they double down on NET stock, or is caution the wiser path? Image Source: Zacks Investment Research Cloudflare's secure access service edge (SASE) platform is gaining rapid adoption among enterprises as it offers modernized and simplified network security and connectivity. NET recently secured its longest SASE deal in the first quarter of fiscal 2025. The company has also expanded its geographical reach in Latin America through collaboration with TD SYNNEX. Since Cloudflare provides an end-to-end cloud-based secured SASE solution that simplifies the adoption process for its clients, it is winning larger deals. Cloudflare combines its Zero Trust security products like Cloudflare Gateway, remote browser isolation and cloud access security broker with its Network Services like Magic WAN, Magic Transit and Magic Firewall, Cloudflare Network Interconnect. Cloudflare's presence is rapidly expanding in the Zero Trust cybersecurity space, where it has made integrations with companies like Atlassian, Microsoft and Sumo Logic, to enable small, medium and large-sized businesses to secure reliable tools and applications with enterprise-ready Zero Trust security. Based on this approach, NET has been witnessing tremendous customer growth in Zero Trust solutions and network services like Magic Transit in Cloudflare One. For instance, Cloudflare One Zero Trust platform is used by more than 10,000 companies worldwide. Cloudflare Workers started as a serverless platform where developers could build, deploy, and scale applications across Cloudflare's global network. The platform was developed for convenience as it enables developers to take actions using a single command and reduces infrastructure management and configuration complexities and brings applications closer to users. The Workers AI tool integrated in the Workers developer platform has witnessed an explosive 4,000% year-over-year surge in inference requests as reported in first-quarter earnings. Cloudflare is now focusing on enriching its Workers platform with the Model Context Protocol server, which will enable clients to deploy AI agents to simplify tasks like managing workflows, handling transactions, or querying business data. These value additions to its platform will lead to upsells and customer acquisition, hence boosting this platform's growth. In its latest quarterly results, NET announced that its total customer base has reached the milestone of 250,819 paying customers, up 27% year over year. Due to all these positive factors, analysts are optimistic about the stock's future growth. The Zacks Consensus Estimate for fiscal 2025 and 2026 revenues is projected to grow 25.38% and 26%, respectively. The Zacks Consensus Estimate for 2025 and 2026 earnings is projected to grow 5.3% and 31.6%, respectively. Cloudflare beat the Zacks Consensus Estimates in three of the trailing four quarters while matching the same on one occasion, with an average surprise of 14.88%. Cloudflare, Inc. price-consensus-eps-surprise-chart | Cloudflare, Inc. Quote A substantial portion of the company's sales is derived from outside the United States. During the full years 2024, 2023, 2022, 2021 and 2020, NET earned approximately 49%, 48%, 47%, 48% and 49%, respectively, of its revenues from outside the United States. However, the U.S. government's aggressive stance on tariffs toward major economies is a concern for Cloudflare. Moreover, NET operates in a highly competitive environment. In its content delivery space, companies like Amazon AMZN, Akamai Technology and Fastly compete with Cloudflare. While in the cyber security space, a range of competitors like Palo Alto Networks PANW and Zscaler ZS compete with it. Amazon also competes with its developer platform through its general-purpose serverless and container-based edge deployment solutions. Alphabet is implementing AI in its Cloud Run solution, Amazon's AWS Lambda & Lambda@Edge leverage deep integrations with AWS services, robust tooling, and a mature developer base. Additionally, AWS Fargate is the AWS service that also enables serverless compute for containers. These solutions threaten the dominance of Cloudflare's developer platform. Palo Alto Networks' SASE platform has an active customer user base of more than 6,000. Palo Alto Networks achieved 36% year-over-year growth in SASE ARR and 16% growth in $1 million-plus deals in the third quarter of fiscal 2025, making it a dominant SASE player. Zscaler, on the other hand, leads the Zero Trust space and also offers SASE solutions. The company offers Zero Trust Network Access solutions through Zscaler Private Access, which enables secure application access without VPN. ZS is now moving toward the Zero Trust Everywhere model, which secures cloud, endpoint and network. Zscaler also provides a full SASE platform by combining identity access, private access and cloud protection. Cloudflare is trading at a 12-month forward P/S ratio of 25.43X, significantly above the industry average of 6.97X. Image Source: Zacks Investment Research While Cloudflare's recent stock surge and strong market position are encouraging, its high valuation warrants caution. Therefore, we believe new investors should wait for a better entry point and existing investors should retain Cloudflare, which currently carries a Zacks Rank #3 (Hold), given the modest growth prospects and a stretched valuation in the near term. You can see the complete list of today's Zacks #1 Rank (Strong Buy) stocks here. Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Inc. (AMZN) : Free Stock Analysis Report Palo Alto Networks, Inc. (PANW) : Free Stock Analysis Report Zscaler, Inc. (ZS) : Free Stock Analysis Report Cloudflare, Inc. (NET) : Free Stock Analysis Report This article originally published on Zacks Investment Research ( Zacks Investment Research Error in retrieving data Sign in to access your portfolio Error in retrieving data Error in retrieving data Error in retrieving data Error in retrieving data
Globe and Mail
a day ago
- Business
- Globe and Mail
Should You Buy, Sell or Hold NET Stock After a 68.5% YTD Surge?
Cloudflare NET has enjoyed a remarkable 68.5% surge in the year-to-date period, outperforming the Zacks Internet - Software industry's return of 12.9%. With such a stellar performance, investors are left wondering — should they double down on NET stock, or is caution the wiser path? Cloudflare YTD Performance Chart Strength in SASE and Zero Trust Aids Cloudflare's Growth Cloudflare's secure access service edge (SASE) platform is gaining rapid adoption among enterprises as it offers modernized and simplified network security and connectivity. NET recently secured its longest SASE deal in the first quarter of fiscal 2025. The company has also expanded its geographical reach in Latin America through collaboration with TD SYNNEX. Since Cloudflare provides an end-to-end cloud-based secured SASE solution that simplifies the adoption process for its clients, it is winning larger deals. Cloudflare combines its Zero Trust security products like Cloudflare Gateway, remote browser isolation and cloud access security broker with its Network Services like Magic WAN, Magic Transit and Magic Firewall, Cloudflare Network Interconnect. Cloudflare's presence is rapidly expanding in the Zero Trust cybersecurity space, where it has made integrations with companies like Atlassian, Microsoft and Sumo Logic, to enable small, medium and large-sized businesses to secure reliable tools and applications with enterprise-ready Zero Trust security. Based on this approach, NET has been witnessing tremendous customer growth in Zero Trust solutions and network services like Magic Transit in Cloudflare One. For instance, Cloudflare One Zero Trust platform is used by more than 10,000 companies worldwide. Rapid Adoption of Workers Developer Platform Drives Cloudflare Cloudflare Workers started as a serverless platform where developers could build, deploy, and scale applications across Cloudflare's global network. The platform was developed for convenience as it enables developers to take actions using a single command and reduces infrastructure management and configuration complexities and brings applications closer to users. The Workers AI tool integrated in the Workers developer platform has witnessed an explosive 4,000% year-over-year surge in inference requests as reported in first-quarter earnings. Cloudflare is now focusing on enriching its Workers platform with the Model Context Protocol server, which will enable clients to deploy AI agents to simplify tasks like managing workflows, handling transactions, or querying business data. These value additions to its platform will lead to upsells and customer acquisition, hence boosting this platform's growth. In its latest quarterly results, NET announced that its total customer base has reached the milestone of 250,819 paying customers, up 27% year over year. Due to all these positive factors, analysts are optimistic about the stock's future growth. The Zacks Consensus Estimate for fiscal 2025 and 2026 revenues is projected to grow 25.38% and 26%, respectively. The Zacks Consensus Estimate for 2025 and 2026 earnings is projected to grow 5.3% and 31.6%, respectively. Cloudflare beat the Zacks Consensus Estimates in three of the trailing four quarters while matching the same on one occasion, with an average surprise of 14.88%. Key Challenges Faced by Cloudflare A substantial portion of the company's sales is derived from outside the United States. During the full years 2024, 2023, 2022, 2021 and 2020, NET earned approximately 49%, 48%, 47%, 48% and 49%, respectively, of its revenues from outside the United States. However, the U.S. government's aggressive stance on tariffs toward major economies is a concern for Cloudflare. Moreover, NET operates in a highly competitive environment. In its content delivery space, companies like Amazon AMZN, Akamai Technology and Fastly compete with Cloudflare. While in the cyber security space, a range of competitors like Palo Alto Networks PANW and Zscaler ZS compete with it. Amazon also competes with its developer platform through its general-purpose serverless and container-based edge deployment solutions. Alphabet is implementing AI in its Cloud Run solution, Amazon's AWS Lambda & Lambda@Edge leverage deep integrations with AWS services, robust tooling, and a mature developer base. Additionally, AWS Fargate is the AWS service that also enables serverless compute for containers. These solutions threaten the dominance of Cloudflare's developer platform. Palo Alto Networks' SASE platform has an active customer user base of more than 6,000. Palo Alto Networks achieved 36% year-over-year growth in SASE ARR and 16% growth in $1 million-plus deals in the third quarter of fiscal 2025, making it a dominant SASE player. Zscaler, on the other hand, leads the Zero Trust space and also offers SASE solutions. The company offers Zero Trust Network Access solutions through Zscaler Private Access, which enables secure application access without VPN. ZS is now moving toward the Zero Trust Everywhere model, which secures cloud, endpoint and network. Zscaler also provides a full SASE platform by combining identity access, private access and cloud protection. NET's Valuation Suggests the Stock's Overvaluation Cloudflare is trading at a 12-month forward P/S ratio of 25.43X, significantly above the industry average of 6.97X. Cloudflare Forward 12 Month P/S Valuation Chart What Should Investors Do? While Cloudflare's recent stock surge and strong market position are encouraging, its high valuation warrants caution. Therefore, we believe new investors should wait for a better entry point and existing investors should retain Cloudflare, which currently carries a Zacks Rank #3 (Hold), given the modest growth prospects and a stretched valuation in the near term. You can see the complete list of today's Zacks #1 Rank (Strong Buy) stocks here. Only $1 to See All Zacks' Buys and Sells We're not kidding. Several years ago, we shocked our members by offering them 30-day access to all our picks for the total sum of only $1. No obligation to spend another cent. Thousands have taken advantage of this opportunity. Thousands did not - they thought there must be a catch. Yes, we do have a reason. We want you to get acquainted with our portfolio services like Surprise Trader, Stocks Under $10, Technology Innovators, and more, that closed 256 positions with double- and triple-digit gains in 2024 alone. See Stocks Now >> Want the latest recommendations from Zacks Investment Research? Today, you can download 7 Best Stocks for the Next 30 Days. Click to get this free report Inc. (AMZN): Free Stock Analysis Report Palo Alto Networks, Inc. (PANW): Free Stock Analysis Report Zscaler, Inc. (ZS): Free Stock Analysis Report Cloudflare, Inc. (NET): Free Stock Analysis Report
