Security | Threat Detection | Cyberattacks | DevSecOps | Compliance

The definition of the "edge" is changing. For years, security teams have focused on the traditional perimeter: web applications, public APIs, and user interfaces. We built firewalls, deployed WAFs, and established strict access controls to keep bad actors out. But with the rapid adoption of Agentic AI, the perimeter has expanded. Today, your "edge" isn't just where users connect to your apps; it's where AI agents connect to your data.

The API supply chain is the new security blind spot. Attackers no longer need to breach your APIs directly; they can target the third-party services that connect to them. These unmanaged dependencies are now the shortest path to your sensitive data. The recent Mixpanel incident is a stark reminder of that fact.

Cloudflare has deployed a new protection to address a vulnerability in React Server Components (RSC). All Cloudflare customers are automatically protected, including those on free and paid plans, as long as their React application traffic is proxied through the Cloudflare Web Application Firewall (WAF). Cloudflare Workers are inherently immune to this exploit. React-based applications and frameworks deployed on Workers are not affected by this vulnerability.

Welcome to the 23rd edition of Cloudflare’s Quarterly DDoS Threat Report. This report offers a comprehensive analysis of the evolving threat landscape of Distributed Denial of Service (DDoS) attacks based on data from the Cloudflare network. In this edition, we focus on the third quarter of 2025.

On December 3, 2025, coordinated disclosures revealed that multiple releases of React 19 and Next.js contain a critical flaw in the React Server Components (RSC) “Flight” protocol, allowing unauthenticated remote code execution (RCE). The vulnerability originates from unsafe deserialization of attacker-controlled data in server-side RSC payload handling.

Artificial Intelligence (AI) is transforming software development with agentic coding tools like GitHub Copilot and Cursor, leading the charge. These tools use AI to assist developers in writing code, automate repetitive tasks, and expedite the development process.

Montreal's recent community event revealed how feature flags, observability, and lifecycle discipline help teams manage complexity without compromising security or stability.

A new criminal platform called “Matrix Push C2” is using browser notifications to launch social engineering attacks, according to researchers at BlackFog. “This browser-native, fileless framework leverages push notifications, fake alerts, and link redirects to target victims across operating systems,” the researchers write.

LLMs, agents and retrieval‑augmented models are increasingly being adopted for product analytics, customer support and decision‑making workflows. With that scale comes exposure: AI privacy and security incidents incidents involving customer PII are more common than ever and becoming a compliance issue. Let’s look at the statistics: These underscore the importance of robust guardrails and why relying on privacy tools with mediocre recall is a gamble.

The importance of cyber resilience is very real and growing due to an accelerating threat landscape for manufacturers that shows no signs of slowing down. The SANS Institute’s 2025 State of ICS/OT Cybersecurity Survey reveals troubling trends that should reshape how manufacturers think about operational security.