Cloudflare
226 tracked updates · May 2026
93 feature updates·15 FEATURE UPDATE·6 new integrations·5 pricing updates·5 product launches·4 technical updates·4 events·4 case studies
Browse other months from Cloudflare
Cloudflare Realtime SFU eliminates regional dependencies and scalability limits of traditional centralized SFUs by leveraging Cloudflare’s global network of 250+ locations. It uses a decentralized arc…
Cloudflare introduced a WebSocket adapter in beta for its Realtime SFU, enabling bidirectional streaming between WebRTC tracks and WebSocket endpoints. The adapter supports ingesting audio via WebSock…
Pricing updated for Cloudflare: - Free: promotion ended (was: forever)
Cloudflare opened registration for its Cloudflare Connect 2026 conference in San Francisco (Oct 19–22), targeting 2,000+ attendees with early-bird pricing at $595 (until June 30). The event includes o…
Pricing updated for Cloudflare: - Free: new promotion — forever
Cloudflare released a beta version of its macOS Cloudflare One Client (2026.5.1155.1) featuring a redesigned, cleaner UI with improved navigation and access to common actions. The update targets user …
Cloudflare released a Beta version of its Windows Cloudflare One Client (2026.5.1155.1) featuring a redesigned, cleaner UI with improved navigation and access to common actions. The update targets use…
Cloudflare updated fields across several Logpush datasets on May 29, 2026, adding new fields like DeviceRegistrationProfileID in DEX Device State Events, AddedHeaders/DeletedHeaders/SetHeaders in Gate…
Cloudflare’s Realtime WebSocket adapter now automatically reconnects and buffers WebRTC media after brief endpoint disconnects or restarts in Stream mode. The SFU retries the same endpoint for up to 5…
Cloudflare’s Radar post-quantum TLS support checker now detects and reports specific TLS bugs during handshake tests, including Split ClientHello, HRR Failure, and Unknown Keyshare. Results provide re…
Cloudflare introduced `sandbox.tunnels` to expose Sandbox services via public preview URLs. Quick tunnels generate zero-config `*.trycloudflare.com` URLs, while named tunnels bind persistent custom ho…
Cloudflare’s Security Insights scans now run more frequently by default: Free accounts every 7 days, Pro/Business every 3 days, and Enterprise daily. All accounts and zones are scanned by default, and…
Cloudflare’s RealtimeKit now supports track recording, enabling separate WebM audio files for individual participants instead of a single composite recording. Users can specify which participants to r…
Cloudflare introduced a new /screenshot endpoint under its Browser Run service, enabling programmatic capture of fully rendered webpages via HTML or URL input. The endpoint supports authenticated page…
Cloudflare added a /pdf endpoint to its Browser Run service, enabling users to generate PDFs from webpages or custom HTML via REST API or Workers binding. The feature supports advanced customization l…
Cloudflare introduced a /content endpoint under its Browser Run service to capture fully rendered HTML from JavaScript-heavy websites after execution, including the head section. The endpoint supports…
Cloudflare introduced a new /markdown endpoint under its Browser Run service, converting webpage content to Markdown format via REST API or Workers binding. Users can specify URLs or raw HTML, with op…
Cloudflare introduced a new /json endpoint in Browser Run that uses AI to extract structured JSON data from webpages. The endpoint accepts either a prompt or a JSON schema for output formatting and in…
Cloudflare introduced a new /scrape endpoint under its Browser Run service to extract structured data from specific HTML elements on webpages. The endpoint supports REST API and Workers binding method…
Cloudflare introduced a new /links endpoint under Browser Run that retrieves all links from a webpage, including hidden ones, via REST API or Workers binding. The endpoint accepts either a URL or raw …
Cloudflare introduced a new /snapshot endpoint in Browser Run that captures both HTML content and a screenshot of a webpage in a single API request. The endpoint returns the HTML as text and the scree…
Cloudflare introduced Flagship, a feature flagging system integrated with Cloudflare Workers via a binding API. Developers can create boolean flags (e.g., new-checkout) and evaluate them in Workers us…
Cloudflare launched Workers VPC in beta, allowing Workers to securely connect to private APIs, services, and databases in external clouds (AWS, Azure, GCP, on-prem) via Cloudflare Tunnel. The feature …
Cloudflare introduced Network Analytics v2, offering near real-time visibility into network and transport-layer traffic and DDoS attacks. The update requires an Enterprise plan, Magic Transit or Spect…
Cloudflare introduced Town Lake, a unified data analytics platform replacing dozens of disparate systems with a single SQL interface, and Skipper, an AI agent enabling natural-language queries. Both a…
Cloudflare’s Email Service now supports display names for recipient addresses (to, cc, bcc, from) in addition to plain email strings. Developers can pass objects with email and optional name fields vi…
Cloudflare introduced usage-based pricing for R2 Data Catalog operations and compaction, with billing not yet enabled. Catalog operations cost $9/million, compaction $0.005/GB and $2/million objects, …
Cloudflare introduced usage-based pricing for R2 SQL at $2.50 per TB of data scanned, with a free tier of 1 GB/month on all plans and 10 GB/month on paid plans. Billing is not yet active, with at leas…
Cloudflare introduced usage-based pricing for its Pipelines streaming data platform, charging $0.04/GB for SQL transforms and $0.03–$0.06/GB for sink delivery, while ingress remains free. Free Workers…
Cloudflare introduced a `quickAction()` binding for Workers to call Browser Run Quick Actions directly, eliminating API tokens and external HTTP requests. Developers can now capture screenshots, gener…
Cloudflare added high availability replica management to its Mesh dashboard, allowing users to view per-replica details, identify active/passive replicas, and manually trigger failover with a single c…
Cloudflare introduced track recording in RealtimeKit, enabling separate WebM files for each participant’s audio instead of a single composite recording. This feature supports post-processing, transcri…
Cloudflare’s Wrangler CLI now supports using `wrangler containers ssh` as an OpenSSH ProxyCommand, enabling local SSH clients to connect directly to running Containers. The feature allows seamless dat…
Cloudflare introduced a standalone dashboard for its R2 Data Catalog, replacing the embedded settings panel. The new experience includes a guided setup wizard, dedicated settings per catalog, and buil…
Cloudflare launched Flows, a feature enabling automated, no-code image optimization via conditional rules that trigger optimization parameters like format conversion (AVIF/WebP) or responsive sizing. …
Cloudflare introduced automated connectivity pre-checks in cloudflared version 2026.5.2 that run every tunnel startup, validating DNS resolution, UDP/TCP connectivity on port 7844, and management API …
Hutchison Telecom Hong Kong (HTHK) consolidated security and performance onto Cloudflare’s single global platform to modernize its infrastructure, reducing operational complexity and costs while impro…
Kaizen Gaming, a major sports betting platform with 13M users, reduced backend load by 99% and cut bandwidth costs by over 90% by adopting Cloudflare Durable Objects. The edge-computing solution aggre…
Canva leverages Cloudflare’s connectivity cloud to secure and scale its global SaaS platform, supporting 260M monthly users. The partnership enables Zero Trust security, bot management, Workers-driven…
Skyscanner replaced its legacy VPN with Cloudflare’s Zero Trust Network Access, improving global workforce security, simplifying access workflows, and reducing latency to under 200ms for users in Asia…
Cloudflare Tunnel’s cloudflared binary (v2026.5.2+) now runs automated connectivity pre-checks at startup, replacing manual DNS and port checks with dig/netcat. The feature detects DNS issues, UDP/TCP…
Cloudflare introduced an AI tool in Cloudflare One Gateway that lets users write and explain regex patterns using plain English. The feature generates and validates regex for policy selectors and can …
Cloudflare introduced transformation flows in Images, enabling automated, no-code image optimization rules based on conditions like file extensions or URL paths. The feature supports provider flows fo…
Cloudflare released the GA version 2026.4.1390.0 of its macOS Cloudflare One Client, featuring a redesigned UI that improves usability and access to common actions. The update is available immediately…
Cloudflare released the GA version 2026.4.1390.0 of its Windows Cloudflare One Client, featuring a redesigned, cleaner, and more intuitive UI with easier access to common actions. The update is availa…
Cloudflare introduced bidirectional health checks as the default for WAN tunnels (GRE/IPsec) and clarified anti-replay protection settings, including a default-disabled option for devices like Cisco M…
Pricing updated for Cloudflare: - Plan features or structure changed
Cloudflare released the General Availability (GA) version 2026.4.1390.0 of its Cloudflare One Client for Linux, featuring a new UI with a cleaner, more intuitive design and easier access to common act…
Pricing updated for Cloudflare: - Free: promotion ended (was: forever)
Cloudflare launched a unified REST API for its AI Gateway, enabling users to call any AI model—hosted by Cloudflare or third parties like OpenAI and Anthropic—through a single API with built-in featur…
Cloudflare launched Unified Billing for AI Gateway, enabling users to consolidate spending on third-party AI providers (OpenAI, Anthropic, Google AI Studio) into a single Cloudflare bill. A 5% fee app…
Cloudflare updated its Tunnel documentation to emphasize outbound-only connectivity via the cloudflared daemon, enabling secure access to private resources (HTTP, SSH, RDP) without public IPs. This mo…
Cloudflare updated its policy system to expose underlying data principles via API, allowing more flexible permission management. Effective permissions are now additive, combining direct assignments an…
Cloudflare introduced granular permissions to scope member access to individual Tunnel instances, enabling teams to manage specific Tunnels without account-wide access. Existing account-level roles re…
Cloudflare now returns a consistent BYPASS status for all uncacheable responses, replacing the previous mix of BYPASS and MISS labels. This change clarifies whether Cloudflare deliberately chose not t…
Cloudflare introduced Flagship, a feature flagging system now in public beta, enabling direct evaluation from Cloudflare Workers without outbound HTTP calls. It leverages Workers KV and Durable Object…
Cloudflare announced Connect on Tour Sydney, a one-day event on July 30, 2026, at Hilton Sydney, targeting innovators in security, networking, and AI. The event will showcase unified platform solution…
Cloudflare announced the third edition of Immerse São Paulo, a one-day event on April 16, 2026, at the Renaissance São Paulo Hotel. The event focuses on practical strategies for modernizing infrastruc…
Cloudflare announced the rescheduling of its Immerse roadshow in Boston on April 16, 2026, targeting security, IT, and digital leaders. The event will focus on Zero Trust, SASE, DDoS, application secu…
Cloudflare added support for Workers VPC Network bindings to route requests to private services connected via Cloudflare WAN, including tunnels, Mesh nodes, or on-ramps. A single binding can now reach…
Cloudflare introduced a new REST API for AI Gateway enabling unified calls to any AI model (OpenAI, Anthropic, Google, or Workers AI) via a single endpoint and authentication method. All AI Gateway fe…
Cloudflare introduced granular permissions for Cloudflare Tunnel instances and Mesh nodes, allowing administrators to delegate access to specific resources without granting full account-level control.…
Cloudflare launched a redesigned Billing Profile consolidating billing info, payment methods, and subscriptions under a single Subscriptions tab. The update adds support for Apple Pay, Google Pay, Lin…
Cloudflare released a new API endpoint in Radar that retrieves HTTP request distributions grouped by 15+ dimensions such as ASN, bot class, content type, device, and TLS version. The endpoint supports…
Cloudflare now allows its own platform to serve as an identity provider for Access policies, enabling authentication based on Cloudflare account membership. Users can restrict access to specific accou…
Pricing updated for Cloudflare: - Free: new promotion — forever
Pricing updated for Cloudflare: - New tier: Pay-as-you-go ($7/mo user) - Removed: Free (Teams) tier - Removed: Pay-as-you-go (Teams) tier - Removed: Contract (Teams) tier
Cloudflare announced Immerse, a premier roadshow event in Toronto on May 20, 2026, targeting security, IT, and digital leaders. The event focuses on Zero Trust, SASE, DDoS, application security, and A…
Pricing updated for Cloudflare: - New tier: Free (Teams) ($0/mo) - New tier: Pay-as-you-go (Teams) ($7/mo per user) - New tier: Contract (Teams) (Custom pricing) - Removed: Teams (under 50 users) tier…
Pricing updated for Cloudflare: - New tier: Teams (under 50 users) ($0/mo) - New tier: Teams (over 50 users) ($7/mo per user) - New tier: Contract (SASE/Workspace) (Custom pricing) - Removed: Pay-as-y…
Cloudflare deployed enhancements to its WAF managed ruleset on May 20, 2026, improving detection resilience against web attacks and behavioral coverage. A new rule targeting Sitecore cache poisoning (…
Cloudflare Radar introduced two new charts on its traffic page: a content type distribution chart and an API traffic share chart. The content type chart breaks down HTTP response types by category wit…
Cloudflare is rolling out a refreshed DNS records page in its dashboard starting May 20, 2026, with opt-in availability for all users. The update introduces resizable columns, advanced filters, a mobi…
Cloudflare Artifacts now emits structured events for repository lifecycle changes (creates, deletes, forks, imports, clones, pushes, fetches) that can be subscribed to via Cloudflare Queues. Developer…
Cloudflare and Anthropic launched an integration enabling Claude Managed Agents to run on Cloudflare Sandboxes, offering enhanced security, observability, and scalability. The integration provides lig…
Pricing updated for Cloudflare: - Free: now includes Teams under 50 users or enterprise proof-of-concept tests. - Contract: now includes Organizations building toward full-featured SASE or workspace s…
Pricing updated for Cloudflare: - Plan features or structure changed
Cloudflare introduced event subscriptions for Artifacts lifecycle events, enabling real-time notifications for repository changes. Developers can now consume these events via Workers to build commit-d…
Cloudflare Radar introduced MRT Explorer, a browser-based tool that parses Multi-Threaded Routing Toolkit (MRT) dump files to inspect BGP messages, AS paths, and community attributes without uploading…
Cloudflare Access now allows users to authenticate using their existing Cloudflare accounts, replacing One-time PINs as the default identity provider for new Zero Trust accounts. The update includes a…
Cloudflare introduced new Wrangler commands to manage Artifacts namespaces, repositories, and repo-scoped tokens, currently in private beta. The commands include listing, creating, retrieving, and del…
Cloudflare now lets developers expose local Wrangler or Vite dev servers via Cloudflare Tunnels, enabling public sharing of previews or webhook testing. Users can generate random or stable hostnames (…
Cloudflare’s Project Glasswing tested Anthropic’s Mythos Preview LLM, finding it capable of constructing exploit chains from multiple vulnerabilities and generating working proofs of concept—capabilit…
Cloudflare introduced a feature allowing developers to share local dev sessions through Cloudflare Tunnel using Wrangler or the Vite plugin, generating a public URL for previews, webhook testing, or c…
Cloudflare introduced new Wrangler CLI commands to manage Artifacts namespaces, repos, and repo-scoped tokens directly from the command line. The update includes commands for listing, creating, retrie…
Cloudflare discontinued support for the deprecated `wrangler dev --remote` flag for KV-backed Durable Objects on May 18, 2026. The flag was never compatible with the recommended SQLite storage backend…
Cloudflare now supports Network Analytics for accounts using Unified Routing, providing visibility into dataplane traffic without additional configuration. This resolves a parity gap for customers who…
Cloudflare WAN now supports post-quantum IPsec tunnels using ML-KEM-768 hybrid key exchange (RFC 9370) alongside classical DH groups, enhancing resistance to harvest-now-decrypt-later attacks. Both GR…
Cloudflare introduced R2 Data Catalog, a managed Apache Iceberg data catalog integrated directly into R2 buckets, now in public beta. The feature enables standard Iceberg REST catalog interfaces for t…
Cloudflare documented expanded SQL support in R2 SQL, including JOINs (all types), common table expressions (CTEs), and subqueries in FROM/IN/NOT IN/EXISTS clauses. The engine remains in public beta a…
Cloudflare’s Workers AI platform now hosts 78 models, including frontier-scale text generators like Moonshot AI’s Kimi K2.6 and OpenAI’s gpt-oss-120b, multimodal models such as Meta’s Llama 4 Scout, a…
Pricing updated for Cloudflare: - Free: promotion ended (was: forever)
Pricing updated for Cloudflare: - Plan features or structure changed
Cloudflare’s R2 SQL now supports JOINs, subqueries, and multi-table queries for Iceberg tables stored in R2 Data Catalog. This enables complex analytical queries directly on Cloudflare’s global networ…
Cloudflare issued an emergency WAF update on May 15, 2026, adding two new rules to block exploitation attempts targeting a critical nginx heap buffer overflow vulnerability (CVE-2026-42945). The rules…
Pricing updated for Cloudflare: - Free: new promotion — forever
Pricing updated for Cloudflare: - New tier: Free ($0/mo) - New tier: Pro ($25/mo ($20/mo annually, 20% off)) - New tier: Business ($250/mo ($200/mo annually, 20% off)) - New tier: Contract (Custom pri…
Cloudflare introduced Custom Domains for Workers, enabling automatic DNS record creation and certificate issuance for domain or subdomain routing without manual configuration. This simplifies deployme…
Cloudflare Workers now supports two types of preview URLs—versioned and aliased—to test new Worker versions without deploying to production. Versioned previews auto-generate for each new version, whil…
Cloudflare identified a hidden bottleneck in ClickHouse query planning after migrating to a per-namespace partitioning scheme, causing lock contention that slowed billing jobs. They fixed it with shar…
Cloudflare introduced a new Domains tab in the Workers dashboard, enabling users to purchase domains via Cloudflare Registrar, add existing domains, and manage Worker routing in one place. The feature…
Cloudflare introduced new AI chat agent APIs—AIChatAgent and useAgentChat—built on Durable Objects and SQLite for automatic message persistence, resumable streaming, and real-time sync. The APIs suppo…
Cloudflare introduced One-time PIN (OTP) login as an alternative authentication method in its Zero Trust Access service, allowing users to receive a PIN via email instead of relying solely on identity…
Cloudflare rebuilt its Browser Run headless browser service on Cloudflare Containers, increasing concurrent browser capacity from 30 to 120 and spin-up rate from 15 to 60 browsers per minute. Quick Ac…
Cloudflare added support for Anthropic’s Claude Compliance API in its CASB, enabling enterprises to monitor and control Claude usage directly in the Cloudflare dashboard without endpoint agents. The i…
Cloudflare expanded its Cloudflare Workers starter templates with over 15 new GitHub repositories designed to accelerate project setup, including Astro blogs, AI chat apps, Durable Objects-based chat,…
Cloudflare now blocks AI company crawlers by default via its AI Crawl Control, having launched the feature in September 2024. It is also developing a 'Pay Per Crawl' model to let websites charge AI fi…
Cloudflare’s /cdn-cgi/rum beacon endpoint now returns a 405 Method Not Allowed (with Allow: POST, OPTIONS header) for non-POST requests instead of 404, clarifying that the endpoint exists but only acc…
Cloudflare introduced two new Logpush datasets—Email Security Post-Delivery Events and Magic Network Monitoring Flow Logs—along with updated fields in existing datasets like Firewall events and HTTP r…
Cloudflare released Agents SDK v0.12.4 with chat recovery improvements for interrupted sessions, durable Think submissions that persist across restarts, routing retry configuration, and Voice agent co…
Cloudflare updated its Cloudflare One Appliance documentation to clarify deployment options, including pre-installed hardware appliances and downloadable virtual appliances. Both options enable IPsec …
Cloudflare added support for configuring custom DHCP options in its Cloudflare One Appliance DHCP server, enabling PXE/iPXE boot, VoIP provisioning, and vendor-specific client configurations. Changes …
Cloudflare expanded Cloudflare One Virtual Appliance capabilities with self-serve provisioning via API or Terraform, enabling direct creation, license rotation, and deletion of virtual appliances. The…
Cloudflare introduced new metrics and analytics for R2 Data Catalog, enabling programmatic monitoring of Iceberg REST API operations and table maintenance jobs (compaction, snapshot expiration) via th…
A bug in the Linux CUBIC congestion control algorithm, originally fixed in the kernel, was ported to Cloudflare's QUIC implementation (quiche) where it caused the congestion window to remain pinned at…
Patch Changes #13866 4e44ce6 Thanks @dependabot ! - Update dependencies of "miniflare", "wrangler" The following dependency versions have been updated: Dependency From To workerd 1.20260507.1 1.202605…
Patch Changes #13855 dba84c2 Thanks @courtney-sims ! - Temporarily hardcode asset worker cohort to "ent" for latency testing Disables the lookupCohort RPC call and cohort-based version routing in the …
Patch Changes #13888 2af4ce0 Thanks @jamesopstad ! - Update Vite to v8.0.12 This updates the bundled Vite module runner to include the bug fix in vitejs/vite#22369 . Updated dependencies [ 4e44ce6 , b…
Patch Changes Updated dependencies [ 4e44ce6 , b0cee1d , d878e13 , 971dfe3 , 971dfe3 , 5d936c5 ]: miniflare@4.20260508.0 wrangler@4.90.1
Patch Changes #13873 a6914bd Thanks @dependabot ! - Update dependencies of "create-cloudflare" The following dependency versions have been updated: Dependency From To create-vike 0.0.622 0.0.625 #1387…
Patch Changes Updated dependencies [ 4e44ce6 , 5d936c5 ]: miniflare@4.20260508.0
Minor Changes #8431 5d936c5 Thanks @penalosa ! - Support workerd autogates via the MINIFLARE_WORKERD_AUTOGATES environment variable. Patch Changes #13866 4e44ce6 Thanks @dependabot ! - Update dependen…
Cloudflare deployed and updated WAF rules to block remote code execution (RCE) vulnerabilities, including a new rule for CVE-2025-55182 in React Server Components and enhancements for Monsta FTP, Fort…
Cloudflare introduced new WAF rules to block the Next.js authentication bypass vulnerability (CVE-2025-29927), initially opting rules in for Pro plans and above. The rules target requests with the `x-…
Cloudflare will release three new WAF managed rules on May 11, 2026, targeting Java deserialization-based remote code execution across request body, headers, and URI. These rules will initially be dis…
Cloudflare Gateway now lets administrators create DNS, HTTP, and Network firewall policies by describing desired outcomes in plain language. The AI generates a fully configured rule that incorporates …
Cloudflare now assigns a single IPv4 anycast address by default to new Magic Transit and Cloudflare WAN accounts. The anycast IP automatically advertises from multiple global data centers to handle ne…
Cloudflare’s R2 Data Catalog now exposes metrics via the GraphQL Analytics API, enabling monitoring of Iceberg REST API operations and table maintenance jobs. Two new datasets—`r2CatalogDataOperations…
Cloudflare now enables SSH through Wrangler by default for its Containers product, removing the need to manually set `ssh.enabled` to `true`. Access remains secure, requiring an `ssh-ed25519` public k…
Cloudflare updated its Access login and one-time password pages with a modernized design featuring a unified authentication card, consistent button styling, and improved mobile responsiveness includin…
Cloudflare released the GA version 2026.4.1350.0 of its Windows Cloudflare One Client, featuring a redesigned, cleaner UI with improved navigation and access to common actions. The update is available…
Cloudflare released the GA version 2026.4.1350.0 of its macOS Cloudflare One Client, featuring a redesigned, cleaner UI with improved navigation and access to common actions. The update is available i…
Cloudflare released the general availability version 2026.4.1350.0 of its Linux Cloudflare One Client, featuring a redesigned UI that improves usability and access to common actions. The update is ava…
Cloudflare deployed managed WAF rule enhancements on May 11, 2026, improving detection resilience against web attacks and behavioral coverage. A new rule for Java Deserialization was merged into an ex…
Cloudflare IPsec now supports standard NAT traversal (NAT-T), allowing IKE to begin on UDP port 500 and switch to port 4500 after NAT detection. Previously, devices behind NAT had to initiate IKE on p…
Cloudflare introduced GLM-4.7-Flash, a high-performance multilingual text generation model with a 131,072-token context window, optimized for dialogue, instruction-following, and multi-turn tool calli…
Cloudflare added Google’s Gemma 4 26B a4b-it model to its Workers AI platform, offering a 256,000-token context window, function calling, reasoning, and vision capabilities. Pricing is $0.10 per M inp…
Cloudflare will deprecate 18 older models in its Workers AI catalog on May 30, 2026, replacing them with newer alternatives like GLM-4.7-Flash and Gemma-4-26B. Kimi K2.5 will be aliased to K2.6, which…
Cloudflare announced mitigations for multiple high-severity vulnerabilities in React Server Components and Next.js, including denial-of-service, middleware bypass, SSRF, XSS, and cache poisoning. Exis…
Cloudflare announced a global workforce reduction of over 1,100 employees, citing a need to rearchitect the company for the agentic AI era. The decision is framed as a strategic shift to align with in…
Minor Changes #12279 248bc08 Thanks @penalosa ! - Add deprecation warning for delivery_delay in queue producer bindings The delivery_delay setting in [[queues.producers]] was silently having no effect…
Cloudflare Stream now supports direct API bindings within Workers, enabling programmatic video uploads, direct client-side uploads, video listing, captioning, watermarking, and download management wit…
Cloudflare Workers now offers automatic tracing instrumentation to provide end-to-end visibility into request flows across applications, enabling performance bottleneck identification and debugging wi…
Cloudflare Workers now supports Service Bindings, enabling direct, zero-overhead communication between Workers without public URLs. This feature allows RPC-style method calls or HTTP-based fetch reque…
Cloudflare Workers now supports exporting OpenTelemetry-compliant traces and logs to any OTel-compatible destination, enabling integration with existing observability stacks. Users can configure desti…
Patch Changes #13824 dd3baf3 Thanks @emily-shen ! - Fix container deployment being skipped for Workers for Platforms user workers Previously, deploying a worker with --dispatch-namespace would early-e…
Minor Changes #13055 f3fed88 Thanks @GregBrimble ! - Introducing the cache configuration option for Workers. You can now set { cache: { enabled: true } } in your Wrangler configuration file to enable …
Cloudflare disclosed a Linux kernel local privilege escalation vulnerability (CVE-2026-31431, 'Copy Fail') on April 29, 2026, and confirmed no customer impact or service disruption. Their existing beh…
Cloudflare introduced source-based breakout and prioritization rules for Cloudflare One Appliance, allowing traffic matching by source LAN, VLAN, or CIDR in addition to destination. This enables granu…
Cloudflare enabled custom DHCP option configuration on its Cloudflare One Appliance DHCP server, supporting PXE/iPXE boot, VoIP provisioning, and vendor-specific client setups. Options are validated b…
Cloudflare introduced CSV export functionality and adjustable page density (10/25/50 records) for Requests for Information (RFI) in the Cloudforce One platform. These updates target power users managi…
Cloudflare introduced API and Terraform support for self-serve provisioning of Cloudflare One Virtual Appliance instances, including license key creation, rotation, and deletion. Users can now automat…
Cloudflare deployed managed WAF rules to mitigate newly disclosed React and Next.js vulnerabilities, including denial-of-service and middleware bypass issues. Existing rules already cover some CVEs, w…
Cloudflare introduced Stream bindings for Workers, enabling direct video interactions (upload, metadata management, signed URL generation) without API tokens or HTTP requests. This allows programmatic…
Cloudflare issued an emergency WAF release on May 7, 2026, to address CVE-2026-44575, a critical flaw allowing unauthenticated attackers to bypass Next.js App Router middleware via segment-prefetch ro…
Cloudflare introduced automatic trace propagation across Worker-to-Worker subrequests, including service bindings and Durable Objects, replacing disconnected traces with a single unified trace. This e…
Cloudflare expanded its Radar API with new endpoints to analyze top-level domain (TLD) authoritative nameserver performance. The API now supports summary and timeseries queries grouped by latency, nam…
Cloudflare introduced a new API endpoint in Radar to summarize top-level domain (TLD) authoritative nameserver performance by dimensions like latency, nameserver latency, or location latency. The endp…
Cloudflare expanded its Radar API with a new endpoint to retrieve timeseries data on top-level domain (TLD) authoritative nameserver performance, grouped by latency dimensions. The API supports multip…
Cloudflare updated its Cloudforce One Threat Events API to support querying all event datasets per account, with new output formats like STIX2 and TAXII, and enhanced search operators including 'in' f…
Cloudflare introduced a new API endpoint under Radar to retrieve the top autonomous systems by announced IP space, ranked by IPv4 /24 or IPv6 /48 counts. The endpoint supports filtering by country, da…
Cloudflare introduced a new API endpoint to retrieve RPKI ROA validation ratios over time via `/radar/bgp/rpki/roas/timeseries`. The endpoint supports filtering by ASN, location, and metric type (e.g.…
On May 5, 2026, DENIC published incorrect DNSSEC signatures for the .de TLD, causing validating resolvers like Cloudflare’s 1.1.1.1 to return SERVFAIL for all .de domains. Cloudflare mitigated the iss…
Cloudflare announced Immerse, a roadshow event in Anaheim, CA on May 6, 2026, targeting security and IT leaders to discuss Zero Trust, SASE, DDoS, and AI application deployment. The event highlights C…
Cloudflare’s Threat Events API now supports TAXII format for exporting threat data, enabling direct integration with SIEM, TIP, and SOAR tools. This reduces manual overhead by automating indicator syn…
Cloudflare Mesh nodes now support advertising IPv6 CIDR routes alongside IPv4, enabling dual-stack or IPv6-only private networks. Users can configure IPv6 routes (e.g., fd00::/64) via dashboard or API…
Cloudflare Radar now tracks TLD authoritative nameserver performance, offering latency metrics, per-nameserver breakdowns, and geographic distribution via new widgets and API endpoints. Users can anal…
Cloudflare introduced Cloudy summaries in PhishNet for Office 365, providing AI-generated context for suspicious emails to speed up investigations. The feature leverages existing detection models with…
Cloudflare introduced Instant Bank Payments (IBP) via Link, allowing US-based self-serve accounts to pay directly from bank accounts during checkout. The feature integrates with Link’s one-click walle…
Cloudflare was named a Leader in Forrester’s Edge Development Platforms report for Q1 2026, receiving top scores in Vision, Innovation, Roadmap, and AI application development. The report highlights C…
Cloudflare introduced Terraform support for configuring Pipelines and R2 Data Catalog via the Cloudflare provider (v5.19.0+). The integration automates the creation of R2 buckets, data catalogs, strea…
Cloudflare published a guide demonstrating how to connect Apache Spark (Scala) applications to its R2 Data Catalog for Iceberg table operations. The example includes prerequisites, a sample Scala appl…
Cloudflare added DuckDB support to its R2 Data Catalog, enabling users to query and manage Iceberg tables directly via DuckDB. The integration requires DuckDB 1.4.0+, an R2 API token with catalog perm…
Cloudflare introduced keyboard shortcuts for its dashboard, enabling faster navigation and actions without leaving the keyboard. Users can press `?` to view all shortcuts, which include quick navigati…
Cloudflare now supports managing Pipelines and R2 Data Catalog via Terraform with provider v5.19.0. Four new resources enable infrastructure-as-code for data ingestion, transformation, and storage wor…
Cloudflare’s May 4, 2026 WAF release introduces new detections for command injection, SQL injection, PHP object injection, remote code execution, and XSS vectors. Several beta rules are merged into ex…
Cloudflare Radar introduced two new routing widgets: a 'Top ASes by announced IP space' chart on country pages and an RPKI ROA deployment timeseries widget. Both provide deeper visibility into BGP ann…
Cloudflare’s cache now runs on Pingora, its Rust-based proxy framework, replacing the previous system. The change delivers lower latency, reduced cache misses, and stricter RFC compliance, including n…
Cloudflare added Data Classification to its DLP suite, enabling reusable labels, templates, and data classes to organize and label sensitive content before enforcement. This allows administrators to s…
Cloudflare One added over 60 new predefined detection entries to its Data Loss Prevention (DLP) system, covering sensitive identifiers across 30+ countries, cryptocurrency wallets, and API tokens. The…
Cloudflare finished the 'Code Orange: Fail Small' initiative to prevent future outages like those in November and December 2025. Key changes include safer configuration deployments via Snapstone, redu…
Cloudflare One expanded its DLP detection entries with six new types: pattern entries (Rust regex), Exact Data Match datasets, Custom Wordlist datasets, document entries, and AI prompt topics. Each ty…
Cloudflare launched Dynamic Workers, enabling unlimited runtime-spun Workers for executing arbitrary code in secure sandboxes. This allows AI agents to write and run code directly, reducing inference …
Cloudflare introduced Dynamic Workflows, enabling per-tenant or per-user durable execution by combining Workflows with Dynamic Workers. Each workflow step survives failures, sleeps, or waits for event…
Cloudflare launched dynamic workflows, enabling per-tenant or per-user durable execution by combining Workflows with Dynamic Workers. Each workflow step survives failures, sleeps, or isolate recycling…
Cloudflare introduced Dynamic Workflows, enabling platforms to dynamically deploy tenant-specific durable workflows without pre-binding workflow code. This extends their Dynamic Workers model to durab…
Cloudflare introduced the @cloudflare/dynamic-workflows library, allowing Workflows to run inside Dynamic Workers for durable, multi-step logic loaded at runtime. This solves durability challenges by …
Track Cloudflare on autopilot
