In this episode of This Week in NET, we talk with Daniele Molteni, Director of Product Management for Cloudflare’s WAF, about how Cloudflare responded within hours to a newly disclosed React Server Components vulnerability — deploying global protection before the public advisory was even released.

That speed matters. In just the first 11 days after disclosure, Cloudflare observed more than 1 billion exploitation attempts related to React2Shell, with sustained pressure averaging over 4 million hits per hour, and peaks far higher. Threat actors quickly integrated the vulnerability into large-scale scanning and reconnaissance, targeting even critical infrastructure. If you run React, upgrading is urgent.

Daniele explains how WAF rules are built, how new payload logging improvements help customers understand real attack traffic, and what’s coming next in 2026 — including Firewall for AI, fraud detection, and safer, gradual rule rollouts.

To close the episode, Systems Engineer Steve James gives a hands-on demo of a real-time multiplayer chess app running inside ChatGPT, built with the Agents SDK and Cloudflare Workers.

Mentioned blog posts:

• React2Shell and related RSC vulnerabilities threat brief: early exploitation activity and threat actor techniques
• Cloudflare WAF proactively protects against React vulnerability
• Get better visibility for the WAF with payload logging