In this episode of This Week in NET, we talk with Daniele Molteni, Director of Product Management for Cloudflare’s WAF, about how Cloudflare responded within hours to a newly disclosed React Server Components vulnerability, deploying global protection before the public advisory was even released — and how updates are necessary and urgent.

Daniele explains how WAF rules are created, what “payload logging” improvements mean for customers, and what’s coming next in 2026, including Firewall for AI, fraud detection, and gradual rule rollout.

At the end of the episode, Systems Engineer Steve James gives a hands-on demo of a real-time multiplayer chess app running inside ChatGPT, built with agents SDK and Cloudflare Workers.

Mentioned blog posts:

• Cloudflare WAF proactively protects against React vulnerability
• Get better visibility for the WAF with payload logging
• Cloudflare's 2025 Q3 DDoS threat report -- including Aisuru, the apex of botnets
• Why Replicate is joining Cloudflare